Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Whatsup_gold
(Progress)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 55 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-10-06 | CVE-2016-1000000 | Ipswitch WhatsUp Gold 16.4.1 WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection | Whatsup_gold | 8.8 | ||
| 2018-01-24 | CVE-2018-5777 | An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Remote clients can take advantage of a misconfiguration in the TFTP server that could allow attackers to execute arbitrary commands on the TFTP server via unspecified vectors. | Whatsup_gold | 9.8 | ||
| 2018-01-24 | CVE-2018-5778 | An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Multiple SQL injection vulnerabilities are present in the legacy .ASP pages, which could allow attackers to execute arbitrary SQL commands via unspecified vectors. | Whatsup_gold | 9.8 | ||
| 2018-05-01 | CVE-2018-8938 | A Code Injection issue was discovered in DlgSelectMibFile.asp in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can inject a specially crafted SNMP MIB file that could allow them to execute arbitrary commands and code on the WhatsUp Gold server. | Whatsup_gold | 9.8 | ||
| 2018-05-01 | CVE-2018-8939 | An SSRF issue was discovered in NmAPI.exe in Ipswitch WhatsUp Gold before 2018 (18.0). Malicious actors can submit specially crafted requests via the NmAPI executable to (1) gain unauthorized access to the WhatsUp Gold system, (2) obtain information about the WhatsUp Gold system, or (3) execute remote commands. | Whatsup_gold | 9.8 |