Input validation

Improper input validation vulnerability in the WebManager CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote file...

CVE-2021-20705

The CVE-2021-20705 entry concerns NEC CLUSTERPRO/EXPRESSCLUSTER X WebManager with an input-validation vulnerability that allows a remote attacker to upload arbitrary files via the network. Affected products include CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and ear...

CVE-2021-20705

Improper input validation vulnerability in the WebManager CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote file...

CVE-2021-20706

Improper input validation vulnerability in the WebManager CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3 for Windows and earlier, CLUSTERPRO X 4.3 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 4.3 SingleServerSafe for Windows and earlier allows attacker to remote file...

CVE-2021-20706

CVE-2021-20706 is an improper input validation vulnerability in NEC CLUSTERPRO X and EXPRESSCLUSTER X WebManager that permits a remote attacker to upload files via the network. Affected products and versions include CLUSTERPRO X 4.3 for Windows (and earlier), EXPRESSCLUSTER X 4.3 for Windows (and...

NEC Corporation CLUSTERPRO 输入验证错误漏洞

NEC Corporation CLUSTERPRO is a HA clustering software from NEC. An input validation error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0, which stems from insufficient validation of user-supplied input in the software's WebManager. A remote...

NEC Corporation CLUSTERPRO 输入验证错误漏洞

NEC Corporation CLUSTERPRO is a HA clustering software from NEC. An input validation error vulnerability exists in NEC Corporation CLUSTERPRO X version 1.0 and EXPRESSCLUSTER X version 1.0, which stems from insufficient validation of user-supplied input in the software's WebManager. A remote...

MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Vulnerability

Exploit for hardware platform in category web applications Exploit: MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Author: LiquidWorm Vendor: Emmanuel Product web page: https://github.com/empierre/MyDomoAtHome https://www.domoticz.com/wiki/ImperiHome...

MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure

Exploit: MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 - Information Disclosure Date: 2019-12-30 Author: LiquidWorm Vendor: Emmanuel Product web page: https://github.com/empierre/MyDomoAtHome https://www.domoticz.com/wiki/ImperiHome https://docs.imperihome.com/app/iss Affected version: 0.2.40...

CVE-2016-1145

Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors...

Directory traversal

Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors...

CVE-2016-1145

The CVE-2016-1145 entry describes a directory traversal flaw in NEC EXPRESSCLUSTER X WebManager. Affected: EXPRESSCLUSTER X 3.3 for Windows (build 11.31) and WebManager 3.3 3.3.1-1 for Linux/Solaris. Impact: remote attacker can read arbitrary server files via unspecified vectors. Root cause: dire...

CVE-2016-1145

Directory traversal vulnerability in WebManager in NEC EXPRESSCLUSTER X through 3.3 11.31 on Windows and through 3.3 3.3.1-1 on Linux and Solaris allows remote attackers to read arbitrary files via unspecified vectors...

EXPRESSCLUSTER X vulnerable to directory traversal

Overview EXPRESSCLUSTER X from NEC Corporation is software to provide high availability HA clustering. EXPRESSCLUSTER X contains an issue in WebManager, which may lead to directory traversal. Yusuke SAKAI of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated...

JVN#03050861: EXPRESSCLUSTER X vulnerable to directory traversal

EXPRESSCLUSTER X from NEC Corporation is software to provide high availability HA clustering. EXPRESSCLUSTER X contains an issue in WebManager, which may lead to directory traversal. Impact Arbitrary files on the server may be viewed by an attacker who can access to the WebManager. Solution Updat...

Spectrum Software WebManager CMS 'pojam' Parameter Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/38573/info Spectrum Software WebManager CMS is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

Galatolo Web Manager <= 1.0 - Remote SQL Injection Exploit

No description provided by source. !/usr/bin/perl -w Portal : Galatolo WebManager 1.0 exploit aported password crypted exploit tatjibe password mcrypté :d mgharba :d:d:d:d Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & Simo64 & iuoisn & All muslims...

CVE-2010-4899

SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to execute arbitrary SQL commands via the id parameter...

CVE-2010-4900

Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...

Open redirect

Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter...