784 matches found
CVE-2011-4659
Cisco TelePresence TE Software on Cisco IP Video Phone E20 (upgraded to TE 4.1.0) may introduce an unsecured default root account, enabling an unauthenticated, remote attacker to log in via SSH and modify device configuration. The vulnerability arises from an incomplete disabling of the root acco...
Default credentials
Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root administrator account, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtr76182...
NucleusCMS Change Management Configuration CSRF vulnerability - vulnerability warning - the black bar safety net
Vulnerability description: NucleusCMS Change Management Configuration CSRF vulnerability. Nucleus is a system for managing one or more blogs. It is developed in PHP4 and requires MySQL database support. Nucleus has support for multiple writing, to support the first preview and then submit, th...
CVE-2010-2843
Cisco Wireless LAN Controller (WLC) software is listed as affected (likely versions 4.2 through 6.0). The CVE describes a vulnerability where remote authenticated users can bypass access restrictions and modify configuration, and potentially obtain administrative privileges, via unspecified vecto...
CVE-2010-2843
Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and...
Max CMS 2.0beta (maxcms) SQL injection and administrator authentication bypass vulnerability - vulnerability warning - the black bar safety net
This system was a very popular video-on-demand system internally. Versions before 1.5 had many vulnerabilities; version 2.0 has improved in terms of security, but loopholes still exist. Look at the code in \inc\ajax.asp: dim action : action = getForm("action", "get") response.Charset="gbk"...
IS-2010-005 - D-Link DAP-1160 Authentication Bypass
Security Advisory IS-2010-005 - D-Link DAP-1160 Authentication Bypass Advisory Information -------------------- Published: 2010-06-29 Updated: 2010-06-29 Manufacturer: D-Link Model: DAP-1160 Firmware version: 1.20b06 1.30b10 1.31b01 Vulnerability Details --------------------- Public References: N...
IS-2010-002 - Linksys WAP54Gv3 Remote Debug Root Shell
Security Advisory IS-2010-002 - Linksys WAP54Gv3 Remote Debug Root Shell Advisory Information -------------------- Published: 2010-06-08 Updated: 2010-06-08 Manufacturer: Linksys Model: WAP54G Hardware version: v3.x Firmware version: ver.3.05.03 Europe ver.3.04.03 Vulnerability Details...
Deserialization of untrusted data
The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated users, with only Read privileges, to gain Write privileges to modify configuration via the save action in a direct request to admin/systemWebAdminConfig.do...
CVE-2010-2116
The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated users, with only Read privileges, to gain Write privileges to modify configuration via the save action in a direct request to admin/systemWebAdminConfig.do...
Ubuntu USN-856-1 (cupsys)
The remote host is missing an update to cupsys announced via advisory USN-856-1. OpenVAS Vulnerability Test $Id: ubuntu8561.nasl 8616 2018-02-01 08:24:13Z cfischer $ Description: Auto-generated from advisory USN-856-1 cupsys Authors: Thoma...
Cross-site request forgery (CSRF)
Multiple cross-site request forgery (CSRF) vulnerabilities in WS-Proxy in Eye-Fi 1.1.2 allow remote attackers to hijack the authentication of users for requests that modify configuration via a SOAPAction parameter of (1) urn:SetOptions for autostart, (2) urn:SetDesktopSync for file upload, or (3)...
CVE-2009-3022
Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other users for requests that modify configuration or change content via unspecified vectors...
bingo!CMS core and bingo!CMS vulnerable to cross-site request forgery
Overview: bingo!CMS core and bingo!CMS contain a cross-site request forgery vulnerability. bingo!CMS core and bingo!CMS are content management systems (CMS). bingo!CMS core and bingo!CMS contain a cross-site request forgery vulnerability. Masako Oono reported this vulnerability to IPA. JPCERT/CC...
Design/Logic Flaw
Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers,...
CVE-2009-1167
Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers,...
CVE-2009-1167
CVE-2009-1167 affects Cisco Wireless LAN Controllers (WLC). A remote attacker can send crafted HTTP/HTTPS requests to an administrative interface to perform unauthorized configuration changes. Affected firmware: 4.x prior to 4.2.205.0 and 5.x prior to 5.2.191.0, across WLCs and related modules. C...
Code injection
Unspecified vulnerability in nepa-design.de Spam Protection (ndantispam) extension 1.0.3 for TYPO3 allows remote attackers to modify configuration via unknown vectors...
CVE-2008-6690
Technical details about CVE-2008-6690 are not publicly disclosed in the provided documents. No concrete affected products, root cause, or remediation are present here. Monitor for updates from CVE sources and connected advisories.