148 matches found
Unauthorized access vulnerability in Transmission web control
Transmission Web Control is the Transmission browser management interface. An unauthorized access vulnerability exists in Transmission web control, which can be exploited by an attacker to bypass authentication and arbitrarily control the download, delete, or upload functionality of an applicatio...
CVE-2020-1181
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'...
Authentication flaw
An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can send an...
EPSON Epson EB-1470Ui Web Control Authentication Bypass Vulnerability
The EPSON EB-1470Ui is a full HD laser short-throw interactive projector from Epson Japan. A security vulnerability exists in the Epson Web Control feature in the Epson EB-1470Ui version 98009273ESWWV107 and version 8X7325WWV303. An attacker could exploit the vulnerability via a specially crafted...
PT-2020-18918 · Epson · Epson Eb-1470Ui Main +1
Name of the Vulnerable Software and Affected Versions: Epson EB-1470Ui MAIN version 98009273ESWWV107 Epson EB-1470Ui MAIN2 version 8X7325WWV303 Description: An exploitable authentication bypass issue exists in the ESPON Web Control functionality. A specially crafted series of HTTP requests can...
Vulnerability Spotlight: Authentication bypass vulnerability in some Epson projectors
Yuri Kramarz of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. The Epson EB-1470UI Projector contains an authentication bypass vulnerability in its web control functionality. This projector allows users to control it over the web. However, an adversary could trick a user into...
Epson EB-1470Ui ESPON Web Control Authentication Bypass Vulnerability
Summary An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can...
The vulnerability of the HTTP(S) software control modules of Belden Hirschmann HiOS and Belden Hirschmann HiSecOS allows a perpetrator to gain unauthorized access to confidential information.
The vulnerability of the HTTPS software control modules of Belden Hirschmann HiOS and Belden Hirschmann HiSecOS relates to errors in handling authentication requests. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to sensitive information through specially...
ClonOS WEB control panel cross-site scripting vulnerability
ClonOS is an open source platform based on FreeBSD. The platform is mainly used for the creation and management of virtual environments. The WEB control panel is one of the web-based ClonOS control panels. A cross-site scripting vulnerability exists in the index.php file in the ClonOS WEB control pane...
CVE-2019-18418
clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management...
Default credentials
clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management...
Cross site scripting
A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
CVE-2019-18418
CVE-2019-18418 affects ClonOS WEB control panel version 19.09. The issue is in clonos.php where there is no session management, enabling remote attackers to gain full access by sending password-change requests. Multiple sources (NVD/NVD mirrors and security advisories) describe an authentication/...
CVE-2019-18418
clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management...
CVE-2019-18419
The provided connected records confirm CVE-2019-18419 is a cross-site scripting (XSS) flaw in ClonOS WEB control panel 19.09, specifically in index.php with the lang parameter. Root cause is described in CNVD as lack of proper validation of client-side data, enabling injection of arbitrary script...
CVE-2019-18419
A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB control panel 19.09 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
ClonOS WEB control panel authorization issue vulnerability
ClonOS is an open source platform based on FreeBSD. The platform is mainly used for the creation and management of virtual environments. The WEB control panel is one of the web-based ClonOS control panels. An authorization issue vulnerability exists in the clonos.php file in ClonOS WEB control panel...
Ajenti Remote Command Execution Vulnerability
Ajenti is a web control panel written in Python and AngularJS. Ajenti suffers from a remote command execution vulnerability. An attacker can execute commands on a local monitoring server while testing...
Ajenti 2.1.31 - Remote Code Execution
Ajenti 2.1.31 - Remote Code Execution Title: Ajenti 2.1.31 - Remote Code Execution Author: Jeremy Brown Date: 2019-10-13 Software Link: https://github.com/ajenti/ajenti CVE: N/A Tested on: Ubuntu Linux !/usr/bin/python ajentix.py Ajenti Remote Command Execution Exploit ------- Details -------...
CVE-2019-15571
The WEB control panel before 2019-04-30 for ClonOS allows SQL injection in clonos.php...