Lucene search
K

36 matches found

Vulnrichment
Vulnrichment
added 2023/07/26 12:0 a.m.13 views

CVE-2023-37624

Netdisco before v2.063000 was discovered to contain an open redirect vulnerability. An attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links...

7.2AI score0.0055EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/07/26 12:0 a.m.4 views

PT-2023-26046 · Netdisco · Netdisco

Name of the Vulnerable Software and Affected Versions: Netdisco versions prior to 2.063000 Description: The issue allows an attacker to redirect users to arbitrary web URLs by tricking victim users into clicking on crafted links. Recommendations: For versions prior to 2.063000, update to version...

6.1CVSS6.2AI score0.0055EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2023/07/26 12:0 a.m.15 views

CVE-2023-37623

Netdisco before v2.063000 was discovered to contain a cross-site scripting XSS vulnerability via the component /Web/TypeAhead.pm...

6.2AI score0.00524EPSS
Exploits1References4
CVE
CVE
added 2023/07/26 12:0 a.m.49 views

CVE-2023-37623

Netdisco (affected product) prior to version 2.063000 contains a cross-site scripting (XSS) vulnerability in the /Web/TypeAhead.pm component. The root cause is an XSS flaw in that module, enabling an attacker to inject a script that could affect a user’s browser session. The CVE-2023-37623 entry ...

4.8CVSS5AI score0.00524EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2023/07/26 12:0 a.m.20 views

CVE-2023-37623

Netdisco before v2.063000 was discovered to contain a cross-site scripting XSS vulnerability via the component /Web/TypeAhead.pm...

5.2AI score0.00524EPSS
Exploits1References4
Huntr
Huntr
added 2021/09/27 8:13 a.m.11 views

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in netdisco/netdisco

Description Session cookie dancer.session is not marked with 'Secure' Proof of Concept 1. Go to demo page https://netdisco2-demo.herokuapp.com, the page will automatically logs in as guest 2. Open Firefox developer and see that the cookie dancer.session is not marked with 'Secure'...

0.5AI score
Exploits0References1
NVD
NVD
added 2019/09/30 5:15 p.m.16 views

CVE-2019-15810

Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter...

6.1CVSS6.1AI score0.00878EPSS
Exploits0References2
OSV
OSV
added 2019/09/30 5:15 p.m.11 views

CVE-2019-15810

Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter...

6.1CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2019/09/30 5:15 p.m.12 views

Design/Logic Flaw

Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter...

4.3CVSS6AI score0.00878EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/09/30 4:3 p.m.22 views

CVE-2019-15810

Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter...

6.1AI score0.00878EPSS
Exploits0References2
CVE
CVE
added 2019/09/30 4:3 p.m.65 views

CVE-2019-15810

The CVE-2019-15810 entry concerns Netdisco 2.042010, where insufficient sanitization during the device search allows a reflected XSS via manipulation of a URL parameter. The root cause is inadequate input sanitization in the search path; the impact is a reflected cross-site scripting vulnerabilit...

6.1CVSS5.9AI score0.00878EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2008/12/08 11:30 p.m.28 views

CVE-2008-5379

netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/netdisco-mibs-0.6.tar.gz temporary file, related to the 1 netdisco-mibs-install and 2 netdisco-mibs-download scripts...

6.9CVSS6AI score0.00353EPSS
Exploits0References1
NVD
NVD
added 2008/12/08 11:30 p.m.19 views

CVE-2008-5379

netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/netdisco-mibs-0.6.tar.gz temporary file, related to the 1 netdisco-mibs-install and 2 netdisco-mibs-download scripts...

6.9CVSS6.4AI score0.00353EPSS
Exploits0References1
Prion
Prion
added 2008/12/08 11:30 p.m.18 views

Code injection

netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/netdisco-mibs-0.6.tar.gz temporary file, related to the 1 netdisco-mibs-install and 2 netdisco-mibs-download scripts...

6.9CVSS6.9AI score0.00353EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2008/12/08 11:0 p.m.40 views

CVE-2008-5379

Summary: CVE-2008-5379 affects netdisco-mibs-installer 1.0. A local attacker can exploit a symlink attack on the temporary file /tmp/netdisco-mibs-0.6.tar.gz to overwrite arbitrary files, related to the netdisco-mibs-install and netdisco-mibs-download scripts. The vulnerability is labeled as loca...

6.9CVSS6.4AI score0.00353EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2008/12/08 11:0 p.m.22 views

CVE-2008-5379

netdisco-mibs-installer 1.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/netdisco-mibs-0.6.tar.gz temporary file, related to the 1 netdisco-mibs-install and 2 netdisco-mibs-download scripts...

6.4AI score0.00353EPSS
Exploits0References1
Rows per page
Query Builder