Lucene search
+L

357 matches found

CNNVD
CNNVD
added 2024/01/11 12:0 a.m.7 views

exiftags Security Vulnerabilities

exiftags is a utility for parsing attribute data for a given JPEG image. A security vulnerability exists in exiftags version 1.01, which stems from a heap-based buffer overflow in nikonprop1 in nikon.c, where snprintf can write to an exception address...

7.8CVSS7.3AI score0.00361EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.5 views

PT-2024-13950 · Exiftags +1 · Exiftags +1

Name of the Vulnerable Software and Affected Versions: exiftags version 1.01 Description: The issue is a heap-based buffer overflow caused by the snprintf function writing to an unexpected address in the nikon prop1 function within nikon.c. This occurs because snprintf can write a size of 28,...

7.8CVSS7.6AI score0.00361EPSS
Exploits1References15
OSV
OSV
added 2023/09/20 8:15 p.m.7 views

CVE-2023-42331

A file upload vulnerability in EliteCMS v1.01 allows a remote attacker to execute arbitrary code via the manageuploads.php component...

8.8CVSS6.1AI score0.01213EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/09/20 8:15 p.m.7 views

CVE-2023-42331

A file upload vulnerability in EliteCMS v1.01 allows a remote attacker to execute arbitrary code via the manageuploads.php component...

8.8CVSS6.2AI score0.01213EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2023/09/20 12:0 a.m.5 views

PT-2023-28318 · Elitecms · Elitecms

Name of the Vulnerable Software and Affected Versions: EliteCMS version 1.01 Description: A file upload vulnerability allows a remote attacker to execute arbitrary code via the manage uploads.php component. Recommendations: For EliteCMS version 1.01, consider disabling the file upload functionali...

8.8CVSS8.9AI score0.01213EPSS
Exploits1References9
CNNVD
CNNVD
added 2023/09/20 12:0 a.m.8 views

elitecms Code Issues Vulnerabilities

elitecms is a web content management from elitecms India. A code issue vulnerability exists in elitecms version 1.01. An attacker can exploit this vulnerability to execute arbitrary code via the manageuploads.php component...

8.8CVSS7.7AI score0.01213EPSS
Exploits1References4
OSV
OSV
added 2023/08/14 5:15 p.m.5 views

CVE-2023-33013

A post-authentication command injection vulnerability in the NTP feature of Zyxel NBG6604 firmware version V1.01ABIR.1C0 could allow an authenticated attacker to execute some OS commands remotely by sending a crafted HTTP request...

8.8CVSS5.9AI score0.0143EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2023/07/04 12:0 a.m.186 views

D-Link DAP-1325 Insecure Direct Object Reference

Exploit Title: D-Link DAP-1325 - Broken Access Control Date: 27-06-2023 Exploit Author: ieduardogoncalves Contact : twitter.com/0x00dia Vendor : www.dlink.com Version: Hardware version: A1 Firmware version: 1.01 Tested on:All Platforms 1 Description Security vulnerability known as "Unauthenticate...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2023/07/03 12:0 a.m.169 views

D-Link DAP-1325 - Broken Access Control

Exploit Title: D-Link DAP-1325 - Broken Access Control Date: 27-06-2023 Exploit Author: ieduardogoncalves Contact : twitter.com/0x00dia Vendor : www.dlink.com Version: Hardware version: A1 Firmware version: 1.01 Tested on:All Platforms 1 Description Security vulnerability known as "Unauthenticate...

7.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2023/06/27 12:0 a.m.6 views

PT-2025-51744

Name of the Vulnerable Software and Affected Versions D-Link DAP-1325 firmware version 1.01 Description The device has a flaw in access control that permits unauthenticated attackers to obtain device configuration settings without needing to authenticate. Attackers can access the...

8.7CVSS9AI score0.00631EPSS
Exploits1References7
OSV
OSV
added 2023/04/07 9:15 p.m.4 views

CVE-2022-43309

Supermicro X11SSL-CF HW Rev 1.01, BMC firmware v1.63 was discovered to contain insecure permissions...

5.5CVSS5.8AI score0.00151EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/04/07 12:0 a.m.5 views

Supermicro X11 安全漏洞

The Supermicro X11 is a server motherboard from Supermicro. A security vulnerability exists in the Supermicro X11SSL-CF HW Rev 1.01, BMC firmware version 1.63, which stems from the BMC having an internal IC bus that causes the voltage to vary outside of the CPU's specified operating range, thus...

5.5CVSS5.7AI score0.00151EPSS
Exploits0References5
OSV
OSV
added 2023/03/28 9:15 p.m.3 views

CVE-2023-28648

Osprey Pump Controller version 1.01 inputs passed to a GET parameter are not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in context of an affected site...

6.1CVSS6AI score0.00835EPSS
Exploits1References1
OSV
OSV
added 2023/03/28 9:15 p.m.3 views

CVE-2023-28712

Osprey Pump Controller version 1.01 contains an unauthenticated command injection vulnerability that could allow system access with www-data permissions...

9.8CVSS7.3AI score0.0123EPSS
Exploits1References1
OSV
OSV
added 2023/03/28 9:15 p.m.4 views

CVE-2023-28718

Osprey Pump Controller version 1.01 allows users to perform certain actions via HTTP requests without performing any checks to verify the requests. This may allow an attacker to perform certain actions with administrative privileges if a logged-in user visits a malicious website...

8CVSS7.3AI score0.00254EPSS
Exploits1References1
OSV
OSV
added 2023/03/28 9:15 p.m.3 views

CVE-2023-27394

Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts...

9.8CVSS6AI score0.18202EPSS
Exploits1References1
Prion
Prion
added 2023/03/28 9:15 p.m.23 views

Design/Logic Flaw

Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated file disclosure. Using a GET parameter, attackers can disclose arbitrary files on the affected device and disclose sensitive and system information...

5CVSS7.6AI score0.01537EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2023/03/28 9:15 p.m.20 views

Design/Logic Flaw

Osprey Pump Controller version 1.01 inputs passed to a GET parameter are not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML/JS code in a user's browser session in context of an affected site...

5.8CVSS6.8AI score0.00835EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/03/28 8:15 p.m.3 views

CVE-2023-28395

Osprey Pump Controller version 1.01 is vulnerable to a weak session token generation algorithm that can be predicted and can aid in authentication and authorization bypass. This may allow an attacker to hijack a session by predicting the session id and gain unauthorized access to the product...

7.5CVSS7.1AI score0.00649EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/03/28 8:5 p.m.46 views

CVE-2023-27394 CVE-2023-27394

Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through a HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts...

9.8CVSS10AI score0.18202EPSS
Exploits1References1
Rows per page
Query Builder