16 matches found
SUSE CVE-2017-12844
Cross-site scripting XSS vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name...
The vulnerability of the system administration programs Sudo-rs lies in insufficient validation of command arguments entered by users. This allows attackers to escalate their privileges by creating a specially crafted user name.
The vulnerability of the system administration programs Sudo-rs is related to insufficient checking of command arguments entered by users. Exploiting this vulnerability allows a malicious actor to enhance their privileges by creating a specially crafted user name...
CVE-2023-27533
A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server negotiation. The lack of proper input scrubbing allows an attacker to send content or perform...
WEBrick RCE Vulnerability
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...
CVE-2020-17476
Mibew Messenger before 3.2.7 allows XSS via a crafted user name...
Cross site scripting
Mibew Messenger before 3.2.7 allows XSS via a crafted user name...
CVE-2020-17476
Mibew Messenger before 3.2.7 allows XSS via a crafted user name...
CVE-2020-13247
BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area...
CVE-2017-10784
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...
CVE-2017-10784
Removed by vendor...
CVE-2017-10784
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...
UBUNTU-CVE-2017-10784
The Basic authentication code in WEBrick library in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows remote attackers to inject terminal emulator escape sequences into its log and possibly execute arbitrary commands via a crafted user name...
CVE-2017-12844
Cross-site scripting XSS vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name...
Cross site scripting
Cross-site scripting XSS vulnerability in the admin panel in IceWarp Mail Server 10.4.4 allows remote authenticated domain administrators to inject arbitrary web script or HTML via a crafted user name...
The vulnerability of the microprogramming software of the Cisco TelePresence VCS allows a intruder to gain access to the device.
The vulnerability of the control interface for microprogrammed software in Cisco TelePresence VCS devices is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain access to the device using a specially crafte...
CVE-2013-4996
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 a crafted database name, 2 a crafted user name, 3 a crafted logo URL in the navigation panel, 4 a...