Lucene search
+L

44 matches found

CNNVD
CNNVD
added 2021/04/06 12:0 a.m.4 views

DMA Softlab DMA Radius Manager 跨站请求伪造漏洞

DMA Softlab DMA Radius Manager is an application from DMA Softlab Inc. Easy-to-use management system for Mikrotik, Cisco, StarOS, Chillispot, DD-WRT, pfSense NAS devices and DOCSIS CMTS. A cross-site request forgery vulnerability exists in DMA Softlab Radius Manager 4.4.0 that allows adding a new...

8.8CVSS7.7AI score0.0352EPSS
Exploits4References6
NVD
NVD
added 2021/04/02 1:15 p.m.10 views

CVE-2021-29011

DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting XSS via the description, name, or address field under admin.php...

6.1CVSS0.01392EPSS
Exploits3References3
NVD
NVD
added 2021/04/02 1:15 p.m.14 views

CVE-2021-29012

DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid temporarily during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus...

9.8CVSS0.03205EPSS
Exploits3References3
OSV
OSV
added 2021/04/02 1:15 p.m.7 views

CVE-2021-29012

DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid temporarily during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus...

9.8CVSS7.3AI score0.03205EPSS
Exploits3References3
OSV
OSV
added 2021/04/02 1:15 p.m.4 views

CVE-2021-29011

DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting XSS via the description, name, or address field under admin.php...

6.1CVSS6.3AI score0.01392EPSS
Exploits3References3
Prion
Prion
added 2021/04/02 1:15 p.m.12 views

Cross site scripting

DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting XSS via the description, name, or address field under admin.php...

4.3CVSS6AI score0.01392EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2021/04/02 12:53 p.m.79 views

CVE-2021-29011

CVE-2021-29011 affects DMA Softlab Radius Manager 4.4.0 and is described as a Cross Site Scripting (XSS) vulnerability exploitable via the description, name, or address fields under admin.php. The connected documents corroborate an XSS issue with this version; CVSS metrics in the primary entry sh...

6.1CVSS7.3AI score0.01392EPSS
Exploits3References3Affected Software1
Cvelist
Cvelist
added 2021/04/02 12:53 p.m.18 views

CVE-2021-29011

DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting XSS via the description, name, or address field under admin.php...

6.2AI score0.01392EPSS
Exploits3References3
Cvelist
Cvelist
added 2021/04/02 12:51 p.m.17 views

CVE-2021-29012

DMA Softlab Radius Manager 4.4.0 assigns the same session cookie to every admin session. The cookie is valid when the admin is logged in, but is invalid temporarily during times when the admin is logged out. In other words, the cookie is functionally equivalent to a static password, and thus...

9.6AI score0.03205EPSS
Exploits3References3
CVE
CVE
added 2021/04/02 12:51 p.m.65 views

CVE-2021-29012

DMA Softlab Radius Manager 4.4.0 suffers a session-management flaw where the same admin session cookie is issued to all admin sessions. The cookie remains valid while logged in but is temporarily invalid when logged out, effectively acting as a static password and enabling permanent access if sto...

9.8CVSS9.3AI score0.03205EPSS
Exploits3References3Affected Software1
CNNVD
CNNVD
added 2021/04/02 12:0 a.m.5 views

DMA Softlab Radius Manager 跨站脚本漏洞

DMA Softlab Radius Manager is an application from DMA Softlab Inc. An easy-to-use management system for Mikrotik, Cisco, StarOS, Chillispot, DD-WRT, pfSense NAS devices and DOCSIS CMTS. A cross-site scripting vulnerability exists in DMA Softlab Radius Manager version 4.4.0, which originates from...

6.1CVSS5.1AI score0.01392EPSS
Exploits3References5
CNNVD
CNNVD
added 2021/04/02 12:0 a.m.7 views

DMA Softlab Radius Manager 授权问题漏洞

DMA Softlab Radius Manager is an application from DMA Softlab Inc. An easy-to-use management system for Mikrotik, Cisco, StarOS, Chillispot, DD-WRT, pfSense NAS devices and DOCSIS CMTS. An unauthorized access vulnerability exists in DMA Softlab Radius Manager version 4.4.0 that stems from a cooki...

9.8CVSS5.5AI score0.03205EPSS
Exploits3References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

Radius Manager 3.8.0 - Multiple XSS Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
0day.today
0day.today
added 2013/01/12 12:0 a.m.19 views

Radius Manager 3 & 4 Cross Site Script Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/04/06 12:0 a.m.25 views

Radius Manager V3.0.0=>4.0 CSRF Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2011/10/21 12:0 a.m.28 views

Radius Manager 3.9.0 SQL Injection

Exploit Title: Radius Manager V3.9.0 Sql Injection Date: 16-10-2011 Author: Mehdi Boukazoula Software Link: http://www.dmasoftlab.com Version: v 3.9.0 Tested on: v 3.9.0 with Postgresql, PHP 5.2.6, Apache 2.2.8, Description : In the page of "http://127.0.0.1/admin.php" the parameter "cont" is not...

0.3AI score
Exploits0
NVD
NVD
added 2010/12/22 3:0 a.m.30 views

CVE-2010-4275

Multiple cross-site scripting XSS vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the 1 name or 2 descr parameter in an a updateusergroup or a b storenas action to admin.php...

3.5CVSS5.4AI score0.01272EPSS
Exploits4References4
CVE
CVE
added 2010/12/22 1:0 a.m.51 views

CVE-2010-4275

Radius Manager 3.8.0 is affected by multiple stored XSS vulnerabilities. The issue arises in the admin.php actions update_usergroup and store_nas, where unsanitized inputs for name/descr can inject arbitrary script/HTML. Exploitation requires an authenticated administrator; impact is limited to t...

3.5CVSS5.4AI score0.01272EPSS
Exploits4References4Affected Software1
Cvelist
Cvelist
added 2010/12/22 1:0 a.m.35 views

CVE-2010-4275

Multiple cross-site scripting XSS vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the 1 name or 2 descr parameter in an a updateusergroup or a b storenas action to admin.php...

5.4AI score0.01272EPSS
Exploits4References4
exploitpack
exploitpack
added 2010/12/17 12:0 a.m.14 views

Radius Manager 3.6 - Multiple Cross-Site Scripting Vulnerabilities

Radius Manager 3.6 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/45481/info Radius Manager is prone to multiple cross-site-scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to...

0.2AI score
Exploits0
Rows per page
Query Builder