Filtered by vendor Progress Subscriptions
Filtered by product Whatsupgold Subscriptions
Total 4 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-41318 1 Progress 1 Whatsupgold 2024-11-21 6.1 Medium
In Progress WhatsUp Gold prior to version 21.1.0, an application endpoint failed to adequately sanitize malicious input. which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser.
CVE-2024-6671 1 Progress 2 Whatsup Gold, Whatsupgold 2024-09-25 9.8 Critical
In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
CVE-2024-6670 1 Progress 2 Whatsup Gold, Whatsupgold 2024-09-17 9.8 Critical
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password.
CVE-2024-6672 1 Progress 2 Whatsup Gold, Whatsupgold 2024-09-04 8.8 High
In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an authenticated low-privileged attacker to achieve privilege escalation by modifying a privileged user's password.