34 matches found
Stack overflow
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via go parameter at /goform/aspForm...
H3C Magic R200 缓冲区错误漏洞
The H3C Magic R200 is a router from China's Xinhua San H3C. A security vulnerability exists in the H3C Magic R200 R200V100R004 version, which stems from the discovery that the go parameter via /goform/aspForm contains a stack overflow vulnerability...
CVE-2023-29917
The CVE-2023-29917 entry concerns H3C Magic R200 devices running R200V100R004. A stack overflow is triggered via the go parameter at the /goform/aspForm endpoint. Public details in connected sources consistently reference this endpoint and parameter as the cause. The CVSS data indicates a NETWORK...
CVE-2022-45519
Tenda W30E V1.0.1.25633 was discovered to contain a stack overflow via the Go parameter at /goform/SafeMacFilter...
Stack overflow
Tenda W30E V1.0.1.25633 was discovered to contain a stack overflow via the Go parameter at /goform/SafeMacFilter...
CVE-2022-30910
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm...
CVE-2022-30910
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm...
Stack overflow
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm...
CVE-2022-30910
H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm...
CVE-2022-30910
CVE-2022-30910 affects H3C Magic R100 routers (R100V100R005). The vulnerability is a stack overflow in the GO parameter processed by /goform/aspForm, reported as a network-accessible issue with no user interaction. NVD metrics assign a CVSS v3.1 base score of 9.8 (CRITICAL) with HIGH confidential...
CVE-2020-12706
Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faqadmin.php or shoutboxpanel/shoutboxadmin.php...
PT-2019-15863 · Intelbras · Intelbras Wrn 150
Name of the Vulnerable Software and Affected Versions: Intelbras WRN 150 version 1.0.18 Description: The issue allows for cross-site request forgery CSRF attacks, which can be used to change a password. This can be achieved by accessing the goform/SysToolChangePwd URI with GO=system password.asp...
CVE-2019-11398
Multiple cross-site scripting XSS vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/index.php?action=favicon...
CVE-2009-4859
Multiple cross-site scripting XSS vulnerabilities in Online Work Order Suite OWOS Lite Edition 3.10 allow remote attackers to inject arbitrary web script or HTML via the show parameter to 1 default.asp and 2 report.asp, and the 3 go parameter to login.asp...