Vulnerabilities > Lansweeper

DATE CVE VULNERABILITY TITLE RISK
2022-12-15 CVE-2022-27498 Path Traversal vulnerability in Lansweeper 10.1.1.0
A directory traversal vulnerability exists in the TicketTemplateActions.aspx GetTemplateAttachment functionality of Lansweeper lansweeper 10.1.1.0.
network
low complexity
lansweeper CWE-22
6.5
6.5
2022-12-15 CVE-2022-28703 Cross-site Scripting vulnerability in Lansweeper 10.1.1.0
A stored cross-site scripting vulnerability exists in the HdConfigActions.aspx altertextlanguages functionality of Lansweeper lansweeper 10.1.1.0.
network
low complexity
lansweeper CWE-79
5.4
5.4
2022-12-15 CVE-2022-29511 Path Traversal vulnerability in Lansweeper 10.1.1.0
A directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality of Lansweeper lansweeper 10.1.1.0.
network
low complexity
lansweeper CWE-22
6.5
6.5
2022-12-15 CVE-2022-29517 Path Traversal vulnerability in Lansweeper 10.1.1.0
A directory traversal vulnerability exists in the HelpdeskActions.aspx edittemplate functionality of Lansweeper lansweeper 10.1.1.0.
network
low complexity
lansweeper CWE-22
8.8
8.8
2022-12-15 CVE-2022-32573 Path Traversal vulnerability in Lansweeper 10.1.1.0
A directory traversal vulnerability exists in the AssetActions.aspx addDoc functionality of Lansweeper lansweeper 10.1.1.0.
network
low complexity
lansweeper CWE-22
8.8
8.8
2022-12-15 CVE-2022-32763 Cross-site Scripting vulnerability in Lansweeper 10.1.1.0
A cross-site scripting (xss) sanitization vulnerability bypass exists in the SanitizeHtml functionality of Lansweeper lansweeper 10.1.1.0.
network
low complexity
lansweeper CWE-79
6.1
6.1
2022-04-14 CVE-2022-21145 Cross-site Scripting vulnerability in Lansweeper 9.1.20.2
A stored cross-site scripting vulnerability exists in the WebUserActions.aspx functionality of Lansweeper lansweeper 9.1.20.2.
network
low complexity
lansweeper CWE-79
4.8
4.8
2022-04-14 CVE-2022-21210 SQL Injection vulnerability in Lansweeper 9.1.20.2
An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2.
network
low complexity
lansweeper CWE-89
8.8
8.8
2022-04-14 CVE-2022-21234 SQL Injection vulnerability in Lansweeper 9.1.20.2
An SQL injection vulnerability exists in the EchoAssets.aspx functionality of Lansweeper lansweeper 9.1.20.2.
network
low complexity
lansweeper CWE-89
8.8
8.8
2022-04-14 CVE-2022-22149 SQL Injection vulnerability in Lansweeper 9.1.20.2
A SQL injection vulnerability exists in the HelpdeskEmailActions.aspx functionality of Lansweeper lansweeper 9.1.20.2.
network
low complexity
lansweeper CWE-89
8.8
8.8