Show filters
18 Total Results
Displaying 1-10 of 18
Sort by:
Attacker Value
Unknown
CVE-2022-28703
Disclosure Date: December 01, 2022 (last updated October 08, 2023)
A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2022-27498
Disclosure Date: December 01, 2022 (last updated October 08, 2023)
A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2022-32573
Disclosure Date: December 01, 2022 (last updated October 08, 2023)
A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2022-32763
Disclosure Date: December 01, 2022 (last updated October 08, 2023)
A cross-site scripting (xss) sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2022-29511
Disclosure Date: December 01, 2022 (last updated October 08, 2023)
A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2022-29517
Disclosure Date: December 01, 2022 (last updated October 08, 2023)
A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality of Lansweeper lansweeper 10.1.1.0. A specially-crafted HTTP request can lead to arbitrary file upload. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2022-21145
Disclosure Date: February 28, 2022 (last updated October 07, 2023)
A stored cross-site scripting vulnerability exists in the WebUserActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2022-21234
Disclosure Date: February 28, 2022 (last updated October 07, 2023)
An SQL injection vulnerability exists in the EchoAssets.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2022-21210
Disclosure Date: February 28, 2022 (last updated October 07, 2023)
An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
0
Attacker Value
Unknown
CVE-2022-22149
Disclosure Date: February 28, 2022 (last updated October 07, 2023)
A SQL injection vulnerability exists in the HelpdeskEmailActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
0
