CVE-2023-51026

TOTOlink EX1800T V9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi...

CVE-2024-51026

CVE-2024-51026 affects NetAdmin IAM system v4.0.30319. The vulnerability is a Cross Site Scripting (XSS) issue in the /BalloonSave.ashx endpoint, where an attacker can inject a payload into the Content field. Affected component: BalloonSave.ashx handling in NetAdmin IAM; root cause: unsanitized C...

CVE-2024-51026

The NetAdmin IAM system version 4.0.30319 has a Cross Site Scripting XSS vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= field...

CVE-2023-51026

creationtimestamp| type| source ---|---|--- 2023-12-22 19:21:58+00:00| seen| https://t.me/ctinow/158562 2023-12-28 01:16:17+00:00| seen| https://t.me/ctinow/159860 2024-01-18 12:16:28+00:00| seen| https://t.me/ctinow/169679...

CVE-2023-51026

TOTOlink EX1800T V9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi...

CVE-2023-51026

The CVE-2023-51026 entry affects TOTOLINK EX1800T (version 9.1.0cu.2112_B20220316). The vulnerability is an unauthenticated, arbitrary command execution in the hour parameter of the setRebootScheCfg interface of the cstecgi .cgi, caused by improper input handling/filtering. Public sources consist...

Open Web Analytics 1.7.3 - Remote Code Execution (RCE)

Open Web Analytics OWA before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes. This occurs because files generated with ' use exploit/multi/http/openwebanalyticsrce msf...