Microstrategy Web 7 - Cross-Site Scripting

Microstrategy Web 7 does not sufficiently encode user-controlled inputs, resulting in cross-site scripting via the Login.asp Msg parameter. id: CVE-2018-18775 info: name: Microstrategy Web 7 - Cross-Site Scripting author: 0xAkoko severity: medium description: Microstrategy Web 7 does not...

CVE-2020-18775

In Libav 12.3, there is a heap-based buffer over-read in vc1decodebmbintfi in vc1block.c that allows an attacker to cause denial-of-service via a crafted file...

SUSE CVE-2020-18775

In Libav 12.3, there is a heap-based buffer over-read in vc1decodebmbintfi in vc1block.c that allows an attacker to cause denial-of-service via a crafted file...

CVE-2020-18775

In Libav 12.3, there is a heap-based buffer over-read in vc1decodebmbintfi in vc1block.c that allows an attacker to cause denial-of-service via a crafted file...

CVE-2020-18775

CVE-2020-18775 affects Libav 12.3: a heap-based buffer over-read in vc1_decode_b_mb_intfi (vc1_block.c) can cause denial-of-service when processing crafted files. All connected sources corroborate the same vulnerable function and impact; no public details on specific exploit paths or patched vers...

CVE-2017-18775

creationtimestamp| type| source ---|---|--- 2020-04-22 19:37:37+00:00| seen| https://t.me/cibsecurity/11522...

CVE-2017-18775

Certain NETGEAR devices are affected by CSRF. This affects R6100 before 1.0.1.12, R7500 before 1.0.0.108, WNDR3700v4 before 1.0.2.86, WNDR4300v1 before 1.0.2.88, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR2000v5 before 1.0.0.42...

CVE-2017-18775

Certain NETGEAR devices are affected by CSRF. This affects R6100 before 1.0.1.12, R7500 before 1.0.0.108, WNDR3700v4 before 1.0.2.86, WNDR4300v1 before 1.0.2.88, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR2000v5 before 1.0.0.42...

CVE-2017-18775

The CVE-2017-18775 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in several NETGEAR routers. Affected devices and minimum vulnerable versions include: R6100 prior to 1.0.1.12, R7500 prior to 1.0.0.108, WNDR3700v4 prior to 1.0.2.86, WNDR4300v1 prior to 1.0.2.88, WNDR4300v2 prio...

CVE-2018-18775

The vulnerability CVE-2018-18775 affects Microstrategy Web 7, where Login.asp Msg parameter input is not sufficiently encoded, causing a Cross-Site Scripting (XSS). The NVD entry notes input encoding weaknesses leading to XSS with a base CVSS v3.0 score of 6.1 (Network, Low user interaction requi...

Microstrategy Web 7 Cross Site Scripting / Traversal

!-- Exploit Title: Cross Site Scripting in Microstrategy Web version 7 Date: 29-10-2018 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.microstrategy.com Software Link: https://www.microstrategy.com Version: Microstrategy Web version 7 Tested on: Unix CVE : CVE-2018-18775 Category:...

Microstrategy Web 7 - Cross-Site Scripting Directory Traversal

Microstrategy Web 7 - Cross-Site Scripting Directory Traversal !-- Exploit Title: Cross Site Scripting in Microstrategy Web version 7 Date: 29-10-2018 Exploit Author: Rafael Pedrero Vendor Homepage: https://www.microstrategy.com Software Link: https://www.microstrategy.com Version: Microstrategy...

WebCalendar 1.2.4 Pre-Auth Remote Code Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "WebCalendar 1.2.4...

WebCalendar 1.2.4 Pre-Auth Remote Code Injection

Exploit for linux platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Fedora Update for firefox FEDORA-2010-18775

Check for the Version of firefox OpenVAS Vulnerability Test Fedora Update for firefox FEDORA-2010-18775 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...