RICOH Aficio MP 301 Printer Cross Site Scripting

Exploit Title: RICOH Aficio MP 301 Printer - HTML Injection and Stored XSS Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...

RICOH MP C2003 Printer Cross Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: RICOH MP C2003 Printer - HTML Injection and Stored XSS Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...

RICOH MP C6003 Printer Cross Site Scripting

Exploit Title: RICOH MP C6003 Printer - HTML Injection and Stored XSS Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...

RICOH MP C406Z Printer - Cross-Site Scripting

Exploit Title: RICOH MP C406Z Printer - Cross-Site Scripting Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link:...

RICOH MP 305+ Printer - Cross-Site Scripting

Exploit Title: RICOH MP 305+ Printer - Cross-Site Scripting Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link: https://www.ricoh-europe.com/products/office-printers-fax/all-in-one-printers/mp-305sp.html Software: RICOH Printer Product Version: ...

RICOH Aficio MP 301 Printer - Cross-Site Scripting

RICOH Aficio MP 301 Printer - Cross-Site Scripting Exploit Title: RICOH Aficio MP 301 Printer - Cross-Site Scripting Date: 2018-09-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link:...

RICOH Aficio MP 301 Printer - Cross-Site Scripting Vulnerability

Exploit for hardware platform in category web applications Exploit Title: RICOH Aficio MP 301 Printer - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link:...

RICOH MP 2001 Printer Cross Site Scripting

Exploit Title: RICOH MP 2001 Printer - HTML Injection and Stored XSS Date: 2018-09-13 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link : https://www.ricoh.com.au/products/office-solutions/printers-and-copiers/mfd-black-and-white/mp-2001sp Software : RICOH...

RICOH SP 4510SF Printer Cross Site Scripting

Exploit Title: RICOH SP 4510SF Printer - HTML Injection and Stored XSS Date: 2018-09-13 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link : https://www.ricoh-europe.com/products/office-printers-fax/all-in-one-printers/sp-4510sf.html Software : RICOH Printer...

RICOH MP C4504ex Cross Site Request Forgery

Exploit Title: RICOH MP C4504ex Printer - Cross-Site Request Forgery Add Admin Date: 2018-08-21 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.ricoh.com/ Hardware Link :...

CVE-2018-15877

The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command injection via shell metacharacters in the ip parameter of a wp-admin/admin.php?page=plainviewactivitymonitor&tab=activitytools request. Recent assessments: cdelafuente-r7 at November 27, 2019 2:59pm UT...

CVE-2017-12573

An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". An attacker can send a crafted HTTP POST request to execute arbitrary code. Authentication is...

CVE-2017-12573

PLANEX CS-W50HD devices with firmware prior to 030720 expose a command-injection vulnerability in the web management UI on the NAS settings page at /cgi-bin/nasset.cgi. An attacker can send a crafted HTTP POST request to execute arbitrary code, with authentication required before the attack. This...

Memory corruption

Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to a memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request...

Stack overflow

Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet...

CVE-2018-6692

CVE-2018-6692 describes a stack-based buffer overflow in Belkin’s Wemo Insight Smart Plug, specifically in the library libUPnPHndlr.so. The flaw can be triggered by crafting an HTTP POST to UPnP endpoints (notably through the EnergyPerUnitCostVersion field inside a SOAP/UPnP payload), leading to ...

Null pointer dereference

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing '' character in an IPv6 address...

CVE-2018-15505

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing '' character in an IPv6 address...

CVE-2018-15505

An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. An HTTP POST request with a specially crafted "Host" header field may cause a NULL pointer dereference and thus cause a denial of service, as demonstrated by the lack of a trailing '' character in an IPv6 address...

Denial of Service in PAN-OS Management Web Interface

Palo Alto Networks makes use of a 3rd-party component impacted by CVE-2018-8715. This issue has been confirmed to present a risk for denial of service to the PAN-OS Management Web Interface. Ref PAN-93089, CVE-2018-8715 A specially crafted HTTP POST request with an invalid “If-modified" header...