14 matches found
EUVD-2018-2063
Malware in sbrugna...
Zscaler Client Connector 跨站脚本漏洞
Zscaler Client Connector is an application from zscaler. An application installed on a device that ensures that Internet traffic and access to an organization's internal applications are secure and comply with the organization's policies, even when not on the corporate network. A security...
CVE-2018-1000887
Peel shopping peel-shopping910 version contains a Cross Site Scripting XSS vulnerability that can result in an authenticated user injecting java script code in the "Site Name EN" parameter. This attack appears to be exploitable if the malicious user has access to the administration account...
Cross site scripting
Peel shopping peel-shopping910 version contains a Cross Site Scripting XSS vulnerability that can result in an authenticated user injecting java script code in the "Site Name EN" parameter. This attack appears to be exploitable if the malicious user has access to the administration account...
CVE-2018-1000887
Peel shopping peel-shopping910 version contains a Cross Site Scripting XSS vulnerability that can result in an authenticated user injecting java script code in the "Site Name EN" parameter. This attack appears to be exploitable if the malicious user has access to the administration account...
CVE-2018-14068
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add...
(0Day) Schneider Electric U.motion Builder Local Privilege Escalation Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Schneider Electric U.motion Builder. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the system configuration. The web administration account is s...
Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities
No description provided by source. .: Philips VOIP841 Multiple Vulnerabilities :. Luca ikki Carettoni - [email protected] Systems affected: Philips VOIP841, Firmware Version 1.0.4.50 and 1.0.4.80, Web Server Version 1.5 simple httpd Systems not affected: n/a a Hidden Administration...
Hewlett-Packard Intelligent Management Center SOM euAccountService Servlet Authentication Bypass Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOM's euAccountService servlet. No authentication is required to...
Dell KACE K2000 Appliance database administration account allows arbitrary command execution
Overview The Dell KACE K2000 System Deployment Appliance contains a vulnerability that could allow a remote attacker to execute arbitrary commands on an affected device. Description The Dell KACE K2000 Deployment Appliance is an integrated systems provisioning product for large-scale operating...
Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities
No description provided by source. .: Philips VOIP841 Multiple Vulnerabilities :. Luca "ikki" Carettoni - [email protected] Systems affected: Philips VOIP841, Firmware Version 1.0.4.50 and 1.0.4.80, Web Server Version 1.5 simple httpd Systems not affected: n/a a Hidden Administration...
Philips VOIP841 (Firmware <= 1.0.4.800) Multiple Vulnerabilities
Exploit for hardware platform in category remote exploits ================================================================ Philips VOIP841 Firmware alert"XSS"; HTTP/1.0 d Insecure Storage Skype credentials, web management console passwords, ... /var/jffs2/data/save.dat /tmp/apply.log 0day.today...
philipsvoip-multi.txt
Secure Network - Security Research Advisory Vuln name: Philips VOIP841 Multiple Vulnerabilities Systems affected: Philips VOIP841, Firmware Version 1.0.4.50 and 1.0.4.80, Web Server Version 1.5 simple httpd Systems not affected: n/a Severity: High Local/Remote: Remote Vendor URL:...
Philips VOIP841 Firmware 1.0.4.800 - Multiple Vulnerabilities
.: Philips VOIP841 Multiple Vulnerabilities :. Luca "ikki" Carettoni - [email protected] Systems affected: Philips VOIP841, Firmware Version 1.0.4.50 and 1.0.4.80, Web Server Version 1.5 simple httpd Systems not affected: n/a a Hidden Administration Account web management console...