7 matches found
NeDi Consulting NeDi Cross-Site Scripting Vulnerability (CNVD-2020-44578)
NeDi Consulting NeDi is a suite of open source software that supports discovery and mapping of network devices from the Swiss company NeDi Consulting. A cross-site scripting vulnerability exists in NeDi Consulting NeDi version 1.9C. The vulnerability can be exploited to execute arbitrary JavaScri...
NeDi Consulting NeDi Cross-Site Scripting Vulnerability (CNVD-2020-44577)
NeDi Consulting NeDi is a suite of open source software that supports the discovery and mapping of network devices from the Swiss company NeDi Consulting. A cross-site scripting vulnerability exists in NeDi Consulting NeDi version 1.9C. The vulnerability can be exploited to execute arbitrary...
NeDi Consulting NeDi Cross-Site Scripting Vulnerability (CNVD-2020-44576)
NeDi Consulting NeDi is a suite of open source software that supports the discovery and mapping of network devices from the Swiss company NeDi Consulting. A cross-site scripting vulnerability exists in NeDi Consulting NeDi version 1.9C. The vulnerability can be exploited to execute arbitrary...
CVE-2020-15030
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Routes.php rtr parameter...
CVE-2020-15035
NeDi 1.9C is vulnerable to cross-site scripting XSS attack. The application allows an attacker to execute arbitrary JavaScript code via the Monitoring-Map.php hde parameter...
NeDi Consulting Unspecified Vulnerability in NeDi
NeDi Consulting NeDi is a suite of open source software that supports the discovery and mapping of network devices from the Swiss company NeDi Consulting. A security vulnerability exists in NeDi Consulting NeDi version 1.9C, which stems from the pwsec.php file not properly escaping shell...
CVE-2020-14414
NeDi 1.9C is vulnerable to Remote Command Execution. pwsec.php improperly escapes shell metacharacters from a POST request. An attacker can exploit this by crafting an arbitrary payload any system commands that contains shell metacharacters via a POST request with a pw parameter. This can also be...