dotCMS 5.1.1 - HTML Injection

Exploit Title: dotCMS 5.1.1 - HTML Injection Date: 2019-05-09 Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulernability Type: Code Injection Vulenrability: HTML Injection and Cross-site...

RICOH SP 4520DN Printer - HTML Injection

Exploit Title: RICOH SP 4520DN Printer - HTML Injection Date: 2019-05-06 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/single-function-printers/sp-4520dn.html Software: RICOH Printer Product Version...

Code injection

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. A remote, unauthenticated attacker can use this vulnerability to start, stop, and disconnect active slideshows...

Code injection

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. A remote, unauthenticated attacker can use this vulnerability to download the current slide image without knowing the access code...

CVE-2019-3934

CVE-2019-3934 affects Crestron AM-100 (firmware 1.6.0.2) and AM-101 (firmware 2.7.0.2). A crafted HTTP POST to login.cgi bypasses the presentation code, enabling a remote, unauthenticated attacker to download the current slide image without the access code. The available sources describe the affe...

CVE-2018-16216

A command injection missing input validation, escaping in the monitoring or memory status web interface in AudioCodes 405HD firmware 2.2.12 VoIP phone allows an authenticated remote attacker in the same network as the device to trigger OS commands like starting telnetd or opening a reverse shell...

Apache Solr 5.x <= 5.5.5 or 6.x <= 6.6.5 Deserialization Vulnerability

The version of Apache Solr running on the remote web server is affected by a remote code execution vulnerability in the Config API due to unsafe deserialization of Java objects. An unauthenticated, remote attacker can exploit this, via an HTTP POST request that points the JMX server to a maliciou...

CVE-2018-19934

SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting XSS in the Web management interface via URL path and HTTP POST parameter...

Cross site scripting

SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting XSS in the Web management interface via URL path and HTTP POST parameter...

cutt.us Cross Site Scripting vulnerability OBB-775618

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| cutt.us ---|--- Open Bug Bounty Program...

uliege.be Cross Site Scripting vulnerability OBB-773645

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| uliege.be ---|--- Open Bug Bounty...

Critical severity vulnerability that affects org.apache.solr:solr-core

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side...

Remote Code Execution (RCE)

solr-core is vulnerable to remote code execution RCE. The vulnerability exists as ConfigAPI allows editing of the configuration for the Solar's JMX server through a HTTP POST request, which could be used to point to a malicious RMI server, resulting in unsafe deserialization...

Remote code execution

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side...

CVE-2019-0192

In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side...

Stack overflow

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponForm/fsetupForm. An attacker can leverage this vulnerability to potentially execute arbitrary code...

CVE-2019-3922

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponForm/fsetupForm. An attacker can leverage this vulnerability to potentially execute arbitrary code...

CVE-2019-3921

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usbForm?script/. An attacker can leverage this vulnerability to potentially execute arbitrary cod...

Stack overflow

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, authenticated attacker to /GponForm/usbForm?script/. An attacker can leverage this vulnerability to potentially execute arbitrary cod...

CVE-2019-3922

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to a stack buffer overflow via crafted HTTP POST request sent by a remote, unauthenticated attacker to /GponForm/fsetupForm. An attacker can leverage this vulnerability to potentially execute arbitrary code...