CVE-2014-2868

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to modify the flow of execution of ColdFusion code by using an HTTP GET request to set a ColdFusion variable...

Code injection

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to modify the flow of execution of ColdFusion code by using an HTTP GET request to set a ColdFusion variable...

CVE-2014-2868

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to modify the flow of execution of ColdFusion code by using an HTTP GET request to set a ColdFusion variable...

CVE-2014-2749

The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request...

Cross site request forgery (csrf)

The HANA ICM process in SAP HANA allows remote attackers to obtain the platform version, host name, instance number, and possibly other sensitive information via a malformed HTTP GET request...

WebPagetest 'file' parameter Local File Disclosure Vulnerability

WebPagetest is prone to local file disclosure vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RockMongo Cross Site Scripting and Directory Traversal Vulnerabilities

Rockmongo is prone to cross-site scripting XSS and directory traversal vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

ONO Hitron CDE-30364 Router Denial Of Service

!/usr/bin/python ----------------------------------------------------------------------------------------- Description: ----------------------------------------------------------------------------------------- Hitron Technologies CDE-30364 is a famous ONO Router. The Hitron Technologies CDE-30364...

Samsung TV - DoS vulnerability

Author: Malik Mesellem - @MMEIT - http://www.itsecgames.com Type: Denial of Service DoS attack Description: DoS vulnerability on some Samsung TVs The web server DMCRUIS/0.1 on port TCP/5600 is crashing by sending a long HTTP GET request Tested successfully on my Samsung PS50C7700 plasma TV...

Vatican Cross Site Scripting

vaticanstate.va XSS Vulnerability webcam page ======================================================== Site: http://www.vaticanstate.va/IT/Monumenti/webcam/index?cam=webcam3 Discovered by: Andrea Menin base64 @: bWVuaW4uYW5kcmVhQGdtYWlsLmNvbQ== Follow me: http://www.linkedin.com/in/andreamenin...

Nameko Webmail Cross Site Scripting

Nameko Webmail XSS Vulnerability on version tag that is possible to break and execute any javascript inside a tag . The URL for match the XSS, should be like url-decoded: ?fontsize=11pt;++alertdocument.cookiebody++font-size:11 XSS URL: -------- https:// victim host...

Netgear WNDAP350 / WN604 Wireless Access Point Multiple Information Disclosure Vulnerabilities - Active Check

Various Netgear wireless access point devices are prone to multiple remote information disclosure issues because they fail to restrict access to sensitive information. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright ...

Free Hosting Manager <= 2.0.2 Multiple Vulnerabilities - Active Check

Free Hosting Manager is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2012-5633

The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...

CVE-2012-5633

The URIMappingInterceptor in Apache CXF before 2.5.8, 2.6.x before 2.6.5, and 2.7.x before 2.7.2, when using the WSS4JInInterceptor, bypasses WS-Security processing, which allows remote attackers to obtain access to SOAP services via an HTTP GET request...

TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities

Advisory ID: HTB23120 Product: TVMOBiLi media server Vendor: TVMOBiLi Vulnerable Versions: 2.1.0.3557 and probably prior version Tested Version: 2.1.0.3557 in Windows XP SP3 32 bits Vendor Notification: October 15, 2012 Vendor Patch: November 21, 2012 Public Disclosure: December 5, 2012...

HP Operations Agent code execution

coda.exe buffer overflow on HTTP GET request processing...

Tiny Server <= 1.1.5 Information Disclosure Vulnerability - Active Check

Tiny Server is prone to arbitrary file disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Semantic Enterprise Wiki <= 1.6.0_2 XSS Vulnerability - Active Check

Semantic Enterprise Wiki is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Netmechanica NetDecision Traffic Grapher Server - Information Disclosure

Netmechanica NetDecision Traffic Grapher Server - Information Disclosure Title : Netmechanica NetDecision Traffic Grapher Server Information Disclosure Vulnerability Author : Prabhu S Angadi SecPod Technologies www.secpod.com Vendor : http://www.netmechanica.com Advisory :...