19 matches found
BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting
BIBLIOsoft BIBLIOpac 2008 contains a cross-site scripting vulnerability via the db or action parameter to bin/wxis.exe/bibliopac/, which allows a remote attacker to inject arbitrary web script or HTML.
id: CVE-2018-16139
info:
  name: BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting
  author:...
CVE-2019-16139
An issue was discovered in the compact_arena crate before 0.4.0 for Rust. Generativity is mishandled, leading to an out-of-bounds write or read...
postgresql:15 security update
pgaudit pgrepack postgres-decoderbufs postgresql 15.5-1 - update to 15.5 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-39418 Resolves: RHEL-16100, RHEL-16124, RHEL-16139...
CVE-2022-43622
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web management portal. When...
Stack overflow
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web management portal. When...
CVE-2022-43622
CVE-2022-43622 affects D-Link DIR-1935 devices (version 1.03). The flaw is in handling of the Login requests to the web management portal: during parsing of the HNAP_AUTH header, the length of user-supplied data is not properly validated before copying into a fixed-size stack buffer, enabling a s...
CVE-2022-43622
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web management portal. When...
Cisco 7937G Denial-of-Service Reboot Attack
This module exploits a bug in how the conference station handles executing a ping via its web interface. By repeatedly executing the ping function without clearing out the resulting output, a DoS is caused that will reset the device after a few minutes. Module Options msf use...
CVE-2020-16139
creationtimestamp| type| source
---|---|---
2020-08-21 14:32:32+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/cisco/cisco7937gdosreboot.py
2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd
2025-02-23 04:10:25+00:00| seen|...
CVE-2020-16139
Cisco Unified IP Conference Station 7937G versions 1-4-4-0 through 1-4-5-7 are affected by a denial-of-service vulnerability that lets an attacker remotely restart the device by sending specially crafted packets. The issue is described across CVE-2020-16139 sources, including PT-2020-14771, which...
CVE-2020-16139
A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to restart the device remotely by sending specially crafted packets. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better...
Cisco 7937G Denial Of Service Exploit
CVE-2020-16138.py: Exploit Title: Cisco 7937G DoS 2 MSF Module Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: ', 'type': 'cve', 'ref': '2020-', 'type': 'edb', 'ref': '' , 'type': 'dos', 'options': 'rhost': 'type': 'address', 'description': 'Target address...
Cisco 7937G Denial Of Service
CVE-2020-16138.py: Exploit Title: Cisco 7937G DoS 2 MSF Module Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: ', 'type': 'cve', 'ref': '2020-', 'type': 'edb', 'ref': '' , 'type': 'dos', 'options': 'rhost': 'type': 'address', 'description': 'Target address...
CVE-2019-16139
The CVE-2019-16139 issue affects the Rust crate compact_arena prior to 0.4.0, where flawed generativity handling allowed an out-of-bounds write or read. Exploitation involves mixing indices between arenas, enabling memory access violations. The root cause is improper generativity implementation; ...
CVE-2018-16139
BIBLIOsoft BIBLIOpac 2008 contains a Cross-Site Scripting (XSS) vulnerability exploitable via the db or action parameter to bin/wxis.exe/bibliopac/. Reports indicate remote attackers can cause the victim’s browser to execute arbitrary scripts, potentially leading to session hijacking or data expo...
triptrapwoodcare.dk XSS vulnerability
Open Bug Bounty ID: OBB-643395

Description| Value
---|---
Affected Website:| triptrapwoodcare.dk
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...
CVE-2017-16139
jikes is a file server. jikes is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted to files with .htm and .js extensions...
CVE-2017-16139
CVE-2017-16139 affects the jikes file server. The vulnerability is a directory traversal flaw in path resolution that allows an attacker to access the filesystem by placing sequences like "../" in the URL. The initial description notes that accessible files are restricted to those with .htm and ....
Unfixed XSS vulnerability at members.driverguide.com
Security researcher skathgh420 submitted on 29/09/2009 a cross-site scripting (XSS) vulnerability affecting members.driverguide.com, which at the time of submission ranked 16139 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/04/2012. It ...