Lucene search
+L

92 matches found

NVD
NVD
added 2021/12/09 4:15 p.m.28 views

CVE-2021-20141

An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS0.03709EPSS
Exploits1References1
OSV
OSV
added 2021/12/09 4:15 p.m.4 views

CVE-2021-20141

An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

8.8CVSS7.4AI score0.03709EPSS
Exploits1References1
CVE
CVE
added 2021/12/09 3:23 p.m.38 views

CVE-2021-20141

CVE-2021-20141 concerns Gryphon Tower routers. Several sources describe an unauthenticated command-injection vulnerability in the controller_server service, specifically in operation 32, where a remote attacker on the same network can send crafted packets to port 9999 and execute commands as root...

8.8CVSS8.9AI score0.03709EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/12/09 3:23 p.m.25 views

CVE-2021-20141

An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...

9.2AI score0.03709EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2020/12/21 12:0 a.m.210 views

Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS

Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20141 Cross...

6.1CVSS6.4AI score0.01616EPSS
Exploits3
Circl
Circl
added 2020/12/18 2:43 a.m.11 views

CVE-2020-20141

creationtimestamp| type| source ---|---|--- 2020-12-18 02:43:22+00:00| seen| https://t.me/cibsecurity/21041 2024-11-14 06:07:34+00:00| seen| MISP/3d6552e6-dbb3-4a66-8c03-7da3fcc987d9...

6.1CVSS6.1AI score0.01616EPSS
Exploits3References1
Cvelist
Cvelist
added 2020/12/17 10:38 p.m.28 views

CVE-2020-20141

Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...

6AI score0.01616EPSS
Exploits3References1
CVE
CVE
added 2020/12/17 10:38 p.m.71 views

CVE-2020-20141

CVE-2020-20141 is a Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component under the Connect menu of Flexmonster Pivot Table & Charts 2.7.17. The Reflected XSS stems from insufficient input sanitization of the 'path' parameter when fetching file specifications (file_specs.php). ...

6.1CVSS5.9AI score0.01616EPSS
Exploits3References1Affected Software1
NVD
NVD
added 2019/12/30 6:15 p.m.19 views

CVE-2019-20141

An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter...

6.1CVSS6.1AI score0.05008EPSS
Exploits1References2
CVE
CVE
added 2019/12/30 4:47 p.m.120 views

CVE-2019-20141

CVE-2019-20141 affects WordPress with the Laborator Neon theme 2.0. The issue is a cross-site scripting (XSS) vulnerability via the data/autosuggest-remote.php q parameter. Exploitation details are not provided in the documents beyond the XSS description; user interaction is often required per CV...

6.1CVSS6AI score0.05008EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/12/30 4:47 p.m.23 views

CVE-2019-20141

An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter...

6.1AI score0.05008EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2019/01/23 12:0 a.m.54 views

Abantecart 1.2.12 Cross Site Scripting

Cross-site Scripting Vulnerability in Abantecart 1.2.12 Information -------------------- Advisory by Netsparker Name: Reflected Cross-site Scripting in Abantecart 1.2.12 Affected Software: Abantecart Affected Versions: 1.2.12 Homepage: http://www.abantecart.com/ Vulnerability: Cross-site Scriptin...

6.4AI score0.0159EPSS
Exploits1
Rows per page
Query Builder