Vulnerabilities > Escanav > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-31 | CVE-2023-33730 | Cleartext Transmission of Sensitive Information vulnerability in Escanav Escan Management Console 14.0.1400.2281 Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format. | 9.8 |
| 2023-05-17 | CVE-2023-31703 | Cross-site Scripting vulnerability in Escanav Escan Management Console 14.0.1400.2281 Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter. | 9.0 |
| 2018-12-20 | CVE-2018-18388 | Unspecified vulnerability in Escanav Escan Anti-Virus 14.0 eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to execute arbitrary commands by sending a carefully crafted payload to TCP port 2222. | 9.8 |