Escanav Escan_management_console

10 CVEs affecting Escanav Escan_management_console. Latest disclosed: 2024-08-20. Critical: 3, High: 1.

Top CVEs affecting Escanav Escan_management_console
CVESeverityScorePublishedSummary
CVE-2024-42919Critical9.82024-08-20eScan Management Console 14.0.1400.2281 is vulnerable to Incorrect Access Control via acteScanAVReport.
CVE-2023-33730Critical9.82023-05-31Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retri…
CVE-2023-31703Critical9.02023-05-17Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary…
CVE-2023-31702High7.22023-05-17SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows remote attacker to dump entire database and gain windows XP…
CVE-2023-33731Medium6.12023-06-02Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote atta…
CVE-2023-33732Medium6.12023-05-31Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitra…
CVE-2023-34838Medium5.42023-06-27A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code vi…
CVE-2023-34837Medium5.42023-06-27A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code vi…
CVE-2023-34836Medium5.42023-06-27A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code vi…
CVE-2023-34835Medium5.42023-06-27A Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary JavaScr…