- EPSS 0.14%
- Veröffentlicht 30.09.2020 18:15:21
- Zuletzt bearbeitet 21.11.2024 05:01:41
In Lansweeper 8.0.130.17, the web console is vulnerable to a CSRF attack that would allow a low-level Lansweeper user to elevate their privileges within the application.
CVE-2020-14011
- EPSS 33.83%
- Veröffentlicht 15.06.2020 15:15:09
- Zuletzt bearbeitet 21.11.2024 05:02:20
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is configured for the admin account, unless "Built-in admin" is manually unchecked. This allows command execution via the Add New Package and Scheduled Deployments ...
CVE-2019-18955
- EPSS 0.24%
- Veröffentlicht 19.12.2019 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:33:54
The web console in Lansweeper 7.2.105.2 has XSS via the URL path. Product vulnerability has been fixed and disclosed within changelog as of 02 Dec 2019.
CVE-2019-13462
- EPSS 79.48%
- Veröffentlicht 12.08.2019 17:15:11
- Zuletzt bearbeitet 21.11.2024 04:24:57
Lansweeper before 7.1.117.4 allows unauthenticated SQL injection.
CVE-2015-9264
- EPSS 1.03%
- Veröffentlicht 27.08.2018 04:29:00
- Zuletzt bearbeitet 21.11.2024 02:40:12
Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the administrator's workstation via a crafted Windows service.
CVE-2017-16841
- EPSS 0.31%
- Veröffentlicht 16.11.2017 03:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
LanSweeper 6.0.100.75 has XSS via the description parameter to /Calendar/CalendarActions.aspx.
CVE-2017-13706
- EPSS 1.41%
- Veröffentlicht 10.10.2017 13:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information, cause a denial of service, conduct server-side req...
CVE-2017-9292
- EPSS 0.24%
- Veröffentlicht 29.05.2017 17:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Lansweeper before 6.0.0.65 has XSS in an image retrieval URI, aka Bug 542782.