RICOH Aficio SP 5210SF Printer HTML Injection

Exploit Title: RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection Discovery by: Olga Villagran Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/rc3/model/sp52s/sp52s.htm?lang=es Product Version: RICOH Aficio SP...

RICOH Aficio SP 5210SF Printer - (entryNameIn) HTML Injection Vulnerability

Exploit for hardware platform in category web applications Exploit Title: RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection Discovery by: Olga Villagran Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/rc3/model/sp52s/sp52s.htm?lang=es...

RICOH Aficio SP 5210SF Printer - entryNameIn HTML Injection

RICOH Aficio SP 5210SF Printer - entryNameIn HTML Injection Exploit Title: RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection Discovery by: Olga Villagran Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link:...

RICOH Aficio SP 5200S Printer HTML Injection

Exploit Title: RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection Discovery by: Paulina Girón Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/re2/model/sp52s/sp52s.htm Product Version: RICOH Aficio SP 5200S Printer...

RICOH Aficio SP 5200S Printer - entryNameIn HTML Injection

RICOH Aficio SP 5200S Printer - entryNameIn HTML Injection Exploit Title: RICOH Aficio SP 5200S Printer - 'entryNameIn' HTML Injection Discovery by: Paulina Girón Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link:...

RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection

Exploit Title: RICOH Aficio SP 5210SF Printer - 'entryNameIn' HTML Injection Discovery by: Olga Villagran Discovery Date: 2020-03-02 Vendor Homepage: https://www.ricoh.com/ Hardware Link: http://support.ricoh.com/bb/html/drute/rc3/model/sp52s/sp52s.htm?lang=es Product Version: RICOH Aficio SP...

NetSupport Manager RAT Spread via Bogus NortonLifeLock Docs

The legitimate remote access tool RAT called NetSupport Manager, used for troubleshooting and tech support, is being converted into a malicious weapon by cybercriminals. Researchers at Palo Alto Networks’ Unit 42 division have spotted a spam campaign attempting to deliver a malicious Microsoft Wo...

CVE-2020-6061

An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability...

CVE-2020-6062

An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigger this vulnerability...

CVE-2020-6061

An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability...

CVE-2020-6062

An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigger this vulnerability...

CVE-2020-6062

An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigger this vulnerability...

Fruitful Theme < 3.8.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The Fruitful WordPress theme, version 3.8 and possibly below, was affected by an unauthenticated Reflected Cross-Site Scripting XSS vulnerability. The vulnerability was patched in version 3.8.1 of the Theme, although the changelog file only mentions: "Bug fix: Fixed issues on comment form" Add a...

ritv.nl Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1073991 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot

TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot Exploit Title: TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot Date: 2020-01-20 Exploit Author: PCEumel Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.tp-link.com/us/support/download/tl-sg105e/Firmware Version:...

TP-Link TP-SG105E 1.0.0 Unauthenticated Remote Reboot

Exploit Title: TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot Date: 2020-01-20 Exploit Author: PCEumel Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.tp-link.com/us/support/download/tl-sg105e/Firmware Version: TP-Link TP-SG105E V4 Tested on: TP-SG105E V4 1.0.0 Build...

TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot Vulnerability

Exploit for hardware platform in category web applications Exploit Title: TP-Link TP-SG105E 1.0.0 - Unauthenticated Remote Reboot Exploit Author: PCEumel Vendor Homepage: https://www.tp-link.com/ Software Link: https://www.tp-link.com/us/support/download/tl-sg105e/Firmware Version: TP-Link...

Barco WePresent - file_transfer.cgi Command Injection Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Barco WePresent filetransfer.cgi Command Injection", 'Description' = %q This module exploits an unauthenticated remote command injection...

Barco WePresent - file_transfer.cgi Command Injection (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Barco WePresent filetransfer.cgi Command Injection", 'Description' = %q This module exploits an unauthenticated remote command injection...

PixelStor 5000 K:4.0.1580-20150629 - Remote Code Execution

PixelStor 5000 K:4.0.1580-20150629 - Remote Code Execution Exploit Title: PixelStor 5000 - Remote Code Execution Product: PixelStor 5000 Vendor: Rasilient Date: 2020-01-08 Exploit Author: .:UND3R:. Vendor Homepage: http://rasilient.com Version: K:4.0.1580-20150629 KDI Version Tested on:...