Lucene search
+L

143 matches found

CNVD
CNVD
added 2021/12/29 12:0 a.m.13 views

SLICAN WebCTI Cross-Site Scripting Vulnerability

SLICAN WebCTI is a telephony application. A cross-site scripting vulnerability exists in SLICAN WebCTI version 1.01 2015, which can be exploited by an attacker to steal a user's session by injecting malicious JavaScript code, which can lead to session hijacking and result in theft of user...

6.1CVSS5.9AI score0.00641EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/12/28 12:0 a.m.4 views

SLICAN WebCTI 跨站脚本漏洞

SLICAN WebCTI is a telephony application. A cross-site scripting vulnerability exists in SLICAN WebCTI version 1.01 2015, which can be exploited by an attacker to steal a user's session by injecting malicious JavaScript code, which can lead to session hijacking and result in theft of user...

6.1CVSS5.2AI score0.00641EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2021/09/10 1:34 p.m.7 views

CVE-2021-38339 Simple Matted Thumbnails <= 1.01 Reflected Cross-Site Scripting

The Simple Matted Thumbnails WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to a reflected $SERVER"PHPSELF" value in the /simple-matted-thumbnail.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.01...

6.1CVSS6.1AI score0.00895EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2021/06/04 12:0 a.m.177 views

FileCOPA FTP Server 1.01 Denial Of Service

!/usr/bin/perl e-mail: [email protected] Date: 04/06/2021 Version Vulnerable: FileCOPA FTP Server 1.01 OS Tested: Windows XP PACK 3 Brazilian e Windows 2000 Youtube video: https://youtu.be/A9cEoyY9Bd4 badchars \0x00\0x0a use Net::FTP; use Term::ANSIColor; $sis="$^O"; print $sis; if $sis...

7.4AI score
Exploits0
OSV
OSV
added 2021/04/07 8:15 a.m.5 views

CVE-2021-20684

Cross-site scripting vulnerability in MagazinegerZ v.1.01 allows remote attackers to inject an arbitrary script via unspecified vectors...

6.1CVSS5.9AI score0.00756EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/25 12:0 a.m.9 views

CGI Script Market Magazine Gar Z 跨站脚本漏洞

CGI Script Market Magazine Gar Z is a CGI Script Market open source application. A CGI script that provides e-mail press release distribution capabilities for Web sites. A security vulnerability exists in Magazinger Z v.1.01, which originates from an arbitrary script that can be executed on a web...

6.1CVSS6.4AI score0.00756EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2020/10/14 12:0 a.m.309 views

TimeClock Software 1.01 SQL Injection

!/usr/bin/python3 Exploit Title: TimeClock Software 1.01 Authenticated Time-Based SQL Injection Date: July 21, 2020 Exploit Author: François Bibeau Co Author: Tyler Butler, http://tbutler.org, https://twitter.com/tbutler0x90 Vendor Homepage: http://timeclock-software.net/ Software Link:...

0.1AI score
Exploits0
OSV
OSV
added 2019/09/16 1:15 p.m.3 views

CVE-2016-10964

The dwnldr plugin before 1.01 for WordPress has XSS via the User-Agent HTTP header...

6.1CVSS5.8AI score0.0102EPSS
Exploits2References2
CNVD
CNVD
added 2019/04/02 12:0 a.m.6 views

D-Link DSL-3782 OS Command Injection Vulnerability

The D-Link DSL-3782 is a wireless router from AUO D-Link of Taiwan, China. An operating system command injection vulnerability exists in the D-Link DSL-3782 with firmware version 1.01. The vulnerability arises from a network system or product that does not properly filter special characters,...

9CVSS8AI score0.04498EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/19 12:0 a.m.3 views

ABB M2M ETHERNET Improper Authentication Vulnerability

ABB M2M ETHERNET is a network analysis device from ABB Switzerland. An authorization issue vulnerability exists in ABB M2M ETHERNET FW version 2.22 and earlier and ETH-FW version 1.01 and earlier. An attacker can exploit this vulnerability to upload malicious language files...

4.3CVSS7AI score0.00787EPSS
Exploits0References1
0day.today
0day.today
added 2018/05/25 12:0 a.m.68 views

DLink #DSL2750B OS Command Injection Exploit

This Metasploit module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. Vulnerability can be exploited through "cli" parameter that is directly used to invoke "ayecli" binary. Vulnerable firmwares are from 1.01 up to 1.03. This module requires Metasploit:...

0.4AI score
Exploits0
Metasploit
Metasploit
added 2018/05/13 5:58 p.m.55 views

D-Link DSL-2750B OS Command Injection

This module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. Vulnerability can be exploited through "cli" parameter that is directly used to invoke "ayecli" binary. Vulnerable firmwares are from 1.01 up to 1.03. This module requires Metasploit:...

0.6AI score
Exploits0
Positive Technologies
Positive Technologies
added 2018/04/05 12:0 a.m.10 views

PT-2018-3913 · D Link · D-Link Dsl-3782

Name of the Vulnerable Software and Affected Versions: D-Link DSL-3782 versions 1.01 Description: The issue is related to a buffer overflow in the /userfs/bin/tcapi binary of the Diagnostics component in the D-Link DSL-3782 router's firmware. This can be exploited by passing a long buffer as the...

9CVSS9.1AI score0.02653EPSS
Exploits1References3
OSV
OSV
added 2017/08/08 3:29 p.m.4 views

CVE-2017-10188

Vulnerability in the Hospitality Hotel Mobile component of Oracle Hospitality Applications subcomponent: Suite 8/Android. The supported version that is affected is 1.01. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Hospitality Hotel Mobile...

5.5CVSS7.3AI score0.00428EPSS
Exploits0References3
CNVD
CNVD
added 2017/07/27 12:0 a.m.4 views

Oracle Hospitality Hotel Mobile Local Vulnerability

Oracle Hospitality Applications is a suite of business applications, servers and storage solutions for hotel management from Oracle. The solution provides human resources cost management, provide customer service throughout the journey tracking management to improve customer satisfaction, etc...

5.5CVSS6.5AI score0.00428EPSS
Exploits0References1
CNVD
CNVD
added 2017/06/27 12:0 a.m.3 views

D-Link DIR-100 Cross-Site Request Forgery Vulnerability

The D-Link DIR-100 is a compact broadband router with integrated firewall functionality. A cross-site request forgery vulnerability exists in D-Link DIR-100 version 1.01. It allows remote attackers to construct malicious URIs, trick users into parsing them, and can perform malicious actions in th...

7AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

Pixie CMS 1.01 - 1.04 - Blind SQL Injections

No description provided by source. Exploit Title: Pixie CMS 1.01 - 1.04 pixieuser Blind SQL Injection Google Dork: None Date: 11/14/2011 Author: Piranha, piranhaattorontomail.com Software Link: http://www.getpixie.co.uk/ Version: 1.01 - 1.04 Tested on: Windows XP SP3, Pixie versions: 1.01 - 1.04...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Ocean12 ASP Calendar Manager 1.0 Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/15329/info Ocean12 ASP Calendar Manager is prone to an authentication bypass vulnerability. This is due to to an access validation error in the application. The application does properly verify access privileges and allow...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.10 views

LushiNews <= 1.01 (comments.php) Remote SQL Injection Exploit

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.11 views

BusyBox 1.01 HTTPD Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20067/info The httpd daemon of BusyBox is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from...

7.1AI score
Exploits0
Rows per page
Query Builder