Escanav Escan_management_console
10 CVEs affecting Escanav Escan_management_console. Latest disclosed: 2024-08-20. Critical: 3, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-42919 | Critical | 9.8 | 2024-08-20 | eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via acteScanAVReport. |
CVE-2023-33730 | Critical | 9.8 | 2023-05-31 | Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retri… |
CVE-2023-31703 | Critical | 9.0 | 2023-05-17 | Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary… |
CVE-2023-31702 | High | 7.2 | 2023-05-17 | SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP… |
CVE-2023-33731 | Medium | 6.1 | 2023-06-02 | Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote atta… |
CVE-2023-33732 | Medium | 6.1 | 2023-05-31 | Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitra… |
CVE-2023-34838 | Medium | 5.4 | 2023-06-27 | A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code vi… |
CVE-2023-34837 | Medium | 5.4 | 2023-06-27 | A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code vi… |
CVE-2023-34836 | Medium | 5.4 | 2023-06-27 | A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code vi… |
CVE-2023-34835 | Medium | 5.4 | 2023-06-27 | A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScr… |