63 matches found
CVE-2022-20904
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20881
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20912
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20891
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
Cisco Small Business 缓冲区错误漏洞
Cisco Small Business is a switch from Cisco USA. A denial-of-service vulnerability exists in multiple Cisco Small Business products, which stems from insufficient user input validation of incoming HTTP packets. An unauthenticated, remote attacker could exploit the vulnerability to execute arbitra...
CVE-2021-1397
A vulnerability in the web-based management interface of Cisco Integrated Management Controller IMC Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An...
Nagios XI 安全漏洞
Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. An OS command injection vulnerability exists in /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php in Nagio...
PT-2020-19557 · Mcafee · Mcafee Mvision Endpoint
Name of the Vulnerable Software and Affected Versions: McAfee MVISION Endpoint versions prior to 20.11 Description: The issue allows remote attackers to gain control of a resource or trigger arbitrary code execution via improper input validation of an HTTP request. This can occur when the content...
Design/Logic Flaw
A vulnerability in the web-based GUI of Cisco Integrated Management Controller IMC 3.01c could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software does not sufficiently sanitize user-supplied HTTP inpu...
CVE-2017-6619
A vulnerability in the web-based GUI of Cisco Integrated Management Controller IMC 3.01c could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software does not sufficiently sanitize user-supplied HTTP inpu...
CVE-2017-6619
A vulnerability in the web-based GUI of Cisco Integrated Management Controller IMC 3.01c could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software does not sufficiently sanitize user-supplied HTTP inpu...
CVE-2017-6619
CVE-2017-6619 affects Cisco Integrated Management Controller (IMC) web GUI for version 3.0(1c). The issue arises from insufficient sanitization of HTTP input, allowing an authenticated, remote attacker to send a crafted HTTP POST with deserialized user data to execute arbitrary commands with root...
Cisco Integrated Management Controller Privilege Escalation Vulnerability (cisco-sa-20170419-cimc)
A vulnerability in the web-based GUI of Cisco Integrated Management Controller IMC could allow an authenticated, remote attacker to elevate the privileges of user accounts on the affected device. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced...
dedeCMS latest injection vulnerability a gold-bug warning-the black bar safety net
Brief description: Since the parameters of the variables not be initialized testing and using the class reflection skills leads to plus\feedback.php in the variable $typeid presence of injection risk. Detailed description: Since the official has already released patches and vulnerabilities are no...
PHP Remote File Inclusion
Added: 01/28/2010 Background PHP scripts support the include and require statements, which cause an outside script to be run within the calling script. The included script can be a local file or, in some configurations, the URL of a remote file. Problem The PHP script is vulnerable to a remote fi...
PHP Remote File Inclusion
Added: 01/28/2010 Background PHP scripts support the include and require statements, which cause an outside script to be run within the calling script. The included script can be a local file or, in some configurations, the URL of a remote file. Problem The PHP script is vulnerable to a remote fi...
CVE-2008-5810
WBPublish aka WBPublish.exe in Fujitsu-Siemens WebTransactions 7.0, 7.1, and possibly other versions allows remote attackers to execute arbitrary commands via shell metacharacters in input that is sent through HTTP and improperly used during temporary session data cleanup, possibly related to 1...
CVE-2008-2932
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via % percent encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrec...
Heap overflow
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via % percent encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrec...
CVE-2008-2932
Heap-based buffer overflow in Red Hat adminutil 1.1.6 allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via % percent encoded HTTP input to unspecified CGI scripts in Fedora Directory Server. NOTE: this vulnerability exists because of an incorrec...