Lucene search
K

44 matches found

CVE
CVE
added 2020/04/21 6:57 p.m.88 views

CVE-2019-17525

CVE-2019-17525 concerns the login page of the D-Link DIR-615 T1 with firmware 20.10, where an issue allows remote attackers to bypass CAPTCHA protection and perform brute-force login attempts. The connected sources confirm a CAPTCHA bypass vulnerability on DIR-615 T1 20.10, enabling credential br...

8.8CVSS8.7AI score0.0584EPSS
Exploits4References2Affected Software1
UbuntuCve
UbuntuCve
added 2017/12/14 4:29 p.m.38 views

CVE-2017-17525

guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS7.3AI score0.0122EPSS
Exploits0References3
NVD
NVD
added 2017/12/14 4:29 p.m.24 views

CVE-2017-17525

guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

8.8CVSS8.5AI score0.0122EPSS
Exploits0References1
CVE
CVE
added 2017/12/14 4:0 p.m.49 views

CVE-2017-17525

CVE-2017-17525 affects guiclient/guiclient.cpp in xTuple PostBooks 4.7.0, where the BROWSER environment variable is used without validating the launched program’s arguments. This can enable remote argument-injection via a crafted URL. Public records consistently describe the issue and its impact,...

8.8CVSS8.4AI score0.0122EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder