3632 matches found
TestLink 1.9.19 Server-Side Request Forgery
Exploit Title : TestLink version = 1.9.19 Server Side Request Forgery Author : Manish Kishan Tanwar AKA error1046 Vendor Link : http://testlink.org Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Incredible,Kishan Singh and ritu rathi Discovered At : Indishell Lab...
CVE-2019-9874
Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF aka anti CSRF module in Sitecore CMS 7.0 to 7.2 and Sitecore XP 7.5 to 8.2 allows an unauthenticated attacker to execute arbitrary code by sending a serialized .NET object in the HTTP POST parameter CSRFTOKEN...
CVE-2019-9875
Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter...
Deserialization of untrusted data
Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 allows an authenticated attacker to execute arbitrary code by sending a serialized .NET object in an HTTP POST parameter...
CVE-2018-14839
LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code remote. The attack vector is: HTTP POST with parameters...
Command injection
LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code remote. The attack vector is: HTTP POST with parameters...
CVE-2018-14839
LG N1A1 NAS 3718.510 is affected by a remote command execution vulnerability (CVE-2018-14839) that can be triggered via an HTTP POST with parameters, as evidenced by pre-auth remote command injection templates targeting the system/sharedir.php endpoint and references to a password parameter. Some...
CVE-2018-14839
LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code remote. The attack vector is: HTTP POST with parameters. Recent assessments: Assessed Attacker Value: 0...
CVE-2018-4028
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POS...
Cross site request forgery (csrf)
An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. The HTTP server could allow an attacker to overwrite the root directory of the server, resulting in a denial of service. An attacker can send an HTTP POS...
Novatek NT9665X HFS Recv buffer overflow code execution vulnerability
Summary An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version “RoavA1SWV1.9.” A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code executio...
RICOH SP 4520DN Printer - HTML Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH SP 4520DN Printer - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.ht...
RICOH SP 4510DN Printer - HTML Injection Vulnerability
Exploit for hardware platform in category web applications Exploit Title: RICOH SP 4510DN Printer - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.ht...
dotCMS 5.1.1 - HTML Injection
dotCMS 5.1.1 - HTML Injection Exploit Title: dotCMS 5.1.1 - HTML Injection Date: 2019-05-09 Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulnerability Type: Code Injection Vulnerability: HTML...
RICOH SP 4510DN Printer - HTML Injection
RICOH SP 4510DN Printer - HTML Injection Exploit Title: RICOH SP 4510DN Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.htm...
dotCMS 5.1.1 - HTML Injection Vulnerability
Exploit for jsp platform in category web applications Exploit Title: dotCMS 5.1.1 - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulnerability Type: Code Injection Vulnerability...