16 matches found
CVE-2019-18418
clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management...
CVE-2017-18418
cPanel before 66.0.2 allows stored XSS during WHM cPAddons file operations SEC-265...
CVE-2023-32140
D-Link DAP-1360 webproc var:sysToken Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. T...
CVE-2023-32140 D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1360 webproc var:sysToken Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. T...
CVE-2023-32140
CVE-2023-32140 affects D-Link DAP-1360 via a heap-based buffer overflow in the webproc endpoint (/cgi-bin/webproc) when parsing var:sys_Token. The flaw allows network-adjacent attackers (no authentication) to execute code with root privileges. Impact is remote code execution with full device comp...
CVE-2023-32140 D-Link DAP-1360 webproc var:sys_Token Heap-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-1360 webproc var:sysToken Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1360 routers. Authentication is not required to exploit this vulnerability. T...
CVE-2019-18418
creationtimestamp| type| source ---|---|--- 2024-01-27 13:11:43+00:00| seen| https://t.me/ctinow/174756...
CVE-2020-18418
The provided documents identify a CSRF vulnerability in FeiFeiCMS v4.1.190209 that lets an attacker create administrator accounts via /index.php?s=Admin-Admin-Insert. The CVE entry CVE-2020-18418 notes this is a high-severity issue (CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H; base score 8.8)....
CVE-2020-18418
A Cross site request forgery CSRF vulnerability was discovered in FeiFeiCMS v4.1.190209, which allows attackers to create administrator accounts via /index.php?s=Admin-Admin-Insert...
ClonOs WEB UI Authentication Bypass (CVE-2019-18418)
An authentication bypass vulnerability exists in ClonOs WEB UI. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
CVE-2020-26607
An issue was discovered in TimaService on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18418 October 2020...
Code injection
An issue was discovered in TimaService on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18418 October 2020...
CVE-2020-26607
An issue was discovered in TimaService on Samsung mobile devices with O8.x, P9.0, and Q10.0 software. PendingIntent with an empty intent is mishandled, allowing an attacker to perform a privileged action via a modified intent. The Samsung ID is SVE-2020-18418 October 2020...
CVE-2020-26607
Summary: CVE-2020-26607 describes a privilege-escalation issue in Samsung’s TimaService where a PendingIntent with an empty intent can be exploited by modifying the intent to perform a privileged action on affected devices (Samsung Android O(8.x), P(9.0), Q(10.0)). The Samsung vulnerability ID is...
ClonOs WEB UI 19.09 - Improper Access Control
ClonOs WEB UI 19.09 - Improper Access Control Exploit Title: ClonOs WEB UI 19.09 - Improper Access Control Date: 2019-10-19 Exploit Author: İbrahim Hakan Şeker Vendor Homepage: https://clonos.tekroutine.com/ Software Link: https://github.com/clonos/control-pane Version: 19.09 Tested on: ClonOs CV...
CVE-2019-18418
CVE-2019-18418 affects ClonOS WEB control panel version 19.09. The issue is in clonos.php where there is no session management, enabling remote attackers to gain full access by sending password-change requests. Multiple sources (NVD/NVD mirrors and security advisories) describe an authentication/...