GCVE - cpe:2.3:a:ipswitch:whatsup_professional:2006:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:ipswitch:whatsup_professional:2006:*:*:*:*:*:*:*

part: a version: 2006 update: *

Vendor	Ipswitch (`f980cf58-ade3-5008-97dc-5202aeb62886`)
Product	Whatsup Professional (`1402031e-e3db-5c26-8cfa-f7ac41e03b73`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-2357`	vulnerable	2026-06-03 14:27:31.804713	Details available Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain source code for scripts via a trailing dot in a request to NmConsole/Login.asp. Published: 2006-05-15T10:00:00.000Z Updated: 2024-08-07T17:51:03.467Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/433808 http://secunia.com/advisories/20075 https://exchange.xforce.ibmcloud.com/vulnerabilities/26506 http://www.vupen.com/english/advisories/2006/1787 http://securityreason.com/securityalert/897	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-2356`	vulnerable	2026-06-03 14:27:31.801851	Details available NmConsole/utility/RenderMap.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to obtain sensitive information about network nodes via a modified nDeviceGroupID parameter. Published: 2006-05-15T10:00:00.000Z Updated: 2024-08-07T17:51:03.494Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/433808 http://secunia.com/advisories/20075 https://exchange.xforce.ibmcloud.com/vulnerabilities/26505 http://www.vupen.com/english/advisories/2006/1787 http://www.osvdb.org/25475	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-2355`	vulnerable	2026-06-03 14:27:31.801417	Details available Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium allows remote attackers to obtain full path information via 404 error messages. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: 2006-05-15T10:00:00.000Z Updated: 2024-08-07T17:51:03.471Z Open on db.gcve.eu Reference links http://www.osvdb.org/25477 http://secunia.com/advisories/20075 https://exchange.xforce.ibmcloud.com/vulnerabilities/26504	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-2354`	vulnerable	2026-06-03 14:27:31.801038	Details available NmConsole/Login.asp in Ipswitch WhatsUp Professional 2006 and Ipswitch WhatsUp Professional 2006 Premium generates different error messages in a way that allows remote attackers to enumerate valid usernames. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: 2006-05-15T10:00:00.000Z Updated: 2024-08-07T17:51:03.487Z Open on db.gcve.eu Reference links http://www.osvdb.org/25476 http://secunia.com/advisories/20075 https://exchange.xforce.ibmcloud.com/vulnerabilities/26503	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-2353`	vulnerable	2026-06-03 14:27:31.800666	Details available NmConsole/DeviceSelection.asp in Ipswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allows remote attackers to redirect users to other websites via the (1) sCancelURL and possibly (2) sRedirectUrl parameters. Published: 2006-05-15T10:00:00.000Z Updated: 2024-08-07T17:51:03.514Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/26502 http://www.securityfocus.com/archive/1/433808 http://secunia.com/advisories/20075 http://www.vupen.com/english/advisories/2006/1787 http://securityreason.com/securityalert/897	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-2352`	vulnerable	2026-06-03 14:27:31.800225	Details available Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via unknown vectors in (1) NmConsole/Tools.asp and (2) NmConsole/DeviceSelection.asp. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Published: 2006-05-15T10:00:00.000Z Updated: 2024-08-07T17:51:03.465Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/26501 http://secunia.com/advisories/20075 http://www.osvdb.org/25471 http://www.vupen.com/english/advisories/2006/1787 http://www.osvdb.org/25472	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-2351`	vulnerable	2026-06-03 14:27:31.798474	Details available Multiple cross-site scripting (XSS) vulnerabilities in IPswitch WhatsUp Professional 2006 and WhatsUp Professional 2006 Premium allow remote attackers to inject arbitrary web script or HTML via the (1) sDeviceView or (2) nDeviceID parameter to (a) NmConsole/Navigation.asp or (3) sHostname parameter to (b) NmConsole/ToolResults.asp. Published: 2006-05-15T10:00:00.000Z Updated: 2024-08-07T17:51:03.499Z Open on db.gcve.eu Reference links http://www.osvdb.org/25469 http://www.securityfocus.com/archive/1/433808 http://secunia.com/advisories/20075 https://exchange.xforce.ibmcloud.com/vulnerabilities/26500 http://www.vupen.com/english/advisories/2006/1787	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Whatsup Professional

PURL mappings

Vulnerability references

Contribute