Lucene search
K

19 matches found

Nuclei
Nuclei
added 7 hours ago7 views

Karel IP Phone IP1211 Web Management Panel - Local File Inclusion

Karel IP Phone IP1211 Web Management Panel is vulnerable to local file inclusion and can allow remote attackers to access arbitrary files stored on the remote device via the 'cgiServer.exx' endpoint and the 'page' parameter. id: CVE-2025-34023 info: name: Karel IP Phone IP1211 Web Management Pane...

8.5CVSS6AI score0.01409EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/04 7:52 a.m.27 views

CVE-2026-1819 Stored XSS in Karel Electronics' ViPort

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Karel Electronics Industry and Trade Inc. ViPort allows Stored XSS. This issue affects ViPort: through 23012026...

8.8CVSS0.00322EPSS
Exploits0References2
CVE
CVE
added 2026/02/04 7:52 a.m.14 views

CVE-2026-1819

CVE-2026-1819 describes a Stored XSS vulnerability in Karel Electronics Industry and Trade Inc. ViPort, caused by improper neutralization of input during web page generation. The issue affects ViPort through version 23012026, enabling injection of malicious scripts into web pages. Red Hat and oth...

8.8CVSS5.5AI score0.00322EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/04 7:52 a.m.3 views

CVE-2026-1819 Stored XSS in Karel Electronics' ViPort

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Karel Electronics Industry and Trade Inc. ViPort allows Stored XSS. This issue affects ViPort: through 23012026...

8.8CVSS5.5AI score0.00322EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/04 7:52 a.m.5 views

EUVD-2026-5429

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Karel Electronics Industry and Trade Inc. ViPort allows Stored XSS.This issue affects ViPort: through 23012026...

8.8CVSS5.3AI score0.00322EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/04 12:0 a.m.7 views

Karel Electronics ViPort 跨站脚本漏洞

Karel Electronics ViPort is an IP video phone terminal produced by the Turkish company Karel Electronics. Versions of Karel Electronics ViPort from 23012026 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from improper input during web page generation, and...

8.8CVSS5.7AI score0.00322EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-18777

Malicious code in bioql PyPI...

8.5CVSS6.6AI score0.01409EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/06/23 8:39 a.m.5 views

CVE-2025-34023

A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...

8.5CVSS6.8AI score0.01409EPSS
Exploits0References1
NVD
NVD
added 2025/06/20 7:15 p.m.10 views

CVE-2025-34023

A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...

8.5CVSS0.01409EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/06/20 6:37 p.m.8 views

CVE-2025-34023 Karel IP Phone IP1211 Path Traversal

A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...

8.5CVSS0.01409EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/06/20 6:37 p.m.2 views

CVE-2025-34023 Karel IP Phone IP1211 Path Traversal

A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...

8.5CVSS6.4AI score0.01409EPSS
Exploits0References4
CVE
CVE
added 2025/06/20 6:37 p.m.20 views

CVE-2025-34023

CVE-2025-34023 affects the Karel IP1211 IP Phone, specifically the web management panel. The vulnerability is a path traversal in the "/cgi-bin/cgiServer.exx" endpoint where the page parameter is not sanitized, allowing remote authenticated attackers to access arbitrary files on the device. Explo...

8.5CVSS6.4AI score0.01409EPSS
In wildExploits0References4
VulnCheck KEV
VulnCheck KEV
added 2025/06/20 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-34023

A path traversal vulnerability exists in the Karel IP1211 IP Phone's web management panel. The /cgi-bin/cgiServer.exx endpoint fails to properly sanitize user input to the page parameter, allowing remote authenticated attackers to access arbitrary files on the underlying system by using crafted...

8.5CVSS6AI score0.01409EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.2 views

Karel IP1211 IP Phone 安全漏洞

Karel IP1211 IP Phone is an IP phone from Karel, Turkey. A security vulnerability exists in the Karel IP1211 IP Phone that originates from the /cgi-bin/cgiServer.exx endpoint that does not clean up page parameters, which could lead to a path traversal attack...

8.5CVSS6.5AI score0.01409EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.6 views

PT-2025-26459 · Karel · Karel Ip1211 Ip Phone

Name of the Vulnerable Software and Affected Versions: Karel IP1211 IP Phone affected versions not specified Description: A path traversal issue exists in the web management panel, specifically affecting the "/cgi-bin/cgiServer.exx" endpoint. This endpoint fails to properly sanitize user input to...

8.5CVSS6.1AI score0.01409EPSS
Exploits0References9
Openbugbounty
Openbugbounty
added 2024/03/22 3:12 a.m.5 views

karelgott.mzf.cz Cross Site Scripting vulnerability OBB-3883525

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Packet Storm
Packet Storm
added 2020/10/07 12:0 a.m.563 views

Karel IP Phone IP1211 Web Management Panel Directory Traversal

Exploit Title: Karel IP Phone IP1211 Web Management Panel - Directory Traversal Exploit Author: Berat Gokberk ISLER Date: 2020-09-01 CVE: N/A Type: Webapps Vendor Homepage: https://www.karel.com.tr/urun-cozum/ip1211-ip-telefon Version: IP1211 Details Directory traversal vulnerability on the Karel...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2020/10/06 12:0 a.m.665 views

Karel IP Phone IP1211 Web Management Panel - Directory Traversal

Exploit Title: Karel IP Phone IP1211 Web Management Panel - Directory Traversal Exploit Author: Berat Gokberk ISLER Date: 2020-09-01 CVE: N/A Type: Webapps Vendor Homepage: https://www.karel.com.tr/urun-cozum/ip1211-ip-telefon Version: IP1211 Details Directory traversal vulnerability on the Karel...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2008/04/30 12:0 a.m.31 views

util-linux-ng登录远程日志注入漏洞

BUGTRAQ ID: 28983 CVECAN ID: CVE-2008-1926 util-linux-ng是增强版本的Util-linux软件包,包含有多种linux工具和应用。 util-linux-ng软件包的login.c在记录登录尝试时存在参数注入漏洞,远程攻击者可以在登录名称中添加addr=语句在审计日志中修改部分日志事件,从而隐藏其登录尝试等行为。 Karel Zak util-linux-ng 2.13.1.1 Karel Zak --------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

7.5CVSS1.2AI score0.03973EPSS
Exploits1
Rows per page
Query Builder