92 matches found
CVE-2021-20141
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20141
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20141
CVE-2021-20141 concerns Gryphon Tower routers. Several sources describe an unauthenticated command-injection vulnerability in the controller_server service, specifically in operation 32, where a remote attacker on the same network can send crafted packets to port 9999 and execute commands as root...
CVE-2021-20141
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS
Exploit Title: Flexmonster Pivot Table & Charts 2.7.17 - 'To OLAP' Reflected XSS Date: 08/01/2020 Exploit Author: Marco Nappi Vendor Homepage: https://www.flexmonster.com/ Version:Flexmonster Pivot Table & Charts 2.7.17 Tested on:Flexmonster Pivot Table & Charts 2.7.17 CVE : CVE-2020-20141 Cross...
CVE-2020-20141
creationtimestamp| type| source ---|---|--- 2020-12-18 02:43:22+00:00| seen| https://t.me/cibsecurity/21041 2024-11-14 06:07:34+00:00| seen| MISP/3d6552e6-dbb3-4a66-8c03-7da3fcc987d9...
CVE-2020-20141
Cross Site Scripting XSS vulnerability in the To OLAP XMLA component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17...
CVE-2020-20141
CVE-2020-20141 is a Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component under the Connect menu of Flexmonster Pivot Table & Charts 2.7.17. The Reflected XSS stems from insufficient input sanitization of the 'path' parameter when fetching file specifications (file_specs.php). ...
CVE-2019-20141
An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter...
CVE-2019-20141
CVE-2019-20141 affects WordPress with the Laborator Neon theme 2.0. The issue is a cross-site scripting (XSS) vulnerability via the data/autosuggest-remote.php q parameter. Exploitation details are not provided in the documents beyond the XSS description; user interaction is often required per CV...
CVE-2019-20141
An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter...
Abantecart 1.2.12 Cross Site Scripting
Cross-site Scripting Vulnerability in Abantecart 1.2.12 Information -------------------- Advisory by Netsparker Name: Reflected Cross-site Scripting in Abantecart 1.2.12 Affected Software: Abantecart Affected Versions: 1.2.12 Homepage: http://www.abantecart.com/ Vulnerability: Cross-site Scriptin...