CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

524 matches found

Japan Vulnerability Notes•added 2008/03/18 12:0 a.m.•24 views

JVN#13159997 Multiple I-O DATA DEVICE wireless LAN routers default configuration does not set authentication

The authentication for the web administration interface for the WN-APG/R-Series and WN-WAPG/R-Series wireless LAN routers from I-O DATA DEVICE is disabled in the default configuration. This vulnerability may allow a remote attacker to access the web administration interface without authentication...

7.5AI score

Exploits0

NVD•added 2008/02/20 9:44 p.m.•14 views

CVE-2008-0838

Multiple cross-site scripting XSS vulnerabilities in the web administration interface in Sophos ES1000 and ES4000 Email Security Appliance 2.1.0.0 allow remote attackers to inject arbitrary web script or HTML via the 1 error and 2 go parameters to the login page...

4.3CVSS5.8AI score0.04191EPSS

Exploits1References8

Cvelist•added 2008/02/20 9:0 p.m.•24 views

CVE-2008-0838

5.8AI score0.04191EPSS

Exploits1References8

securityvulns•added 2008/02/16 12:0 a.m.•23 views

SOPHOS Email Security Appliance crossite scripting

Administration interface crossite scripting...

2.5AI score

Exploits0References1

securityvulns•added 2008/01/15 12:0 a.m.•32 views

F5 BIG-IP crossite scripting

Administration interface crossite scripting...

1.8AI score

Exploits0References2Affected Software1

Cvelist•added 2008/01/10 12:0 a.m.•22 views

CVE-2008-0127

The administration interface in McAfee E-Business Server 8.5.2 and earlier allows remote attackers to cause a denial of service crash and execute arbitrary code via a long initial authentication packet...

7.8AI score0.08564EPSS

Exploits0References11

securityvulns•added 2008/01/09 12:0 a.m.•25 views

McAfee E-Business Server buffer overflow

TCP/1718 administration interface buffer overflow...

4.1AI score

Exploits0References1Affected Software1

securityvulns•added 2007/11/17 12:0 a.m.•44 views

Aruba Mobility Controller crossite scripting

Crossite scripting in administration interface...

2.3AI score

Exploits0References1Affected Software1

Packet Storm•added 2007/09/26 12:0 a.m.•28 views

simpgb14602-xss.txt

netVigilance Security Advisory 67 SimpGB version 1.46.02 Multiple XSS Attack Vulnerabilities Description: SimpGB is a guestbook with data stored in MySQL, administration interface and support for multiple languages. Features: Data stored in MySQL, Administration interface, Support for multiple...

7.4AI score

Exploits0

Packet Storm•added 2007/09/26 12:0 a.m.•45 views

simpgb14602-disclose.txt

netVigilance Security Advisory 65 SimpGB version 1.46.02 File Content Disclosure Vulnerability Description: SimpGB is a guestbook with data stored in MySQL, administration interface and support for multiple languages. Features: Data stored in MySQL, Administration interface, Support for multiple...

7.4AI score

Exploits0

securityvulns•added 2007/09/26 12:0 a.m.•46 views

SimpGB version 1.46.02 File Content Disclosure Vulnerability

7AI score

Exploits0

securityvulns•added 2007/09/26 12:0 a.m.•87 views

SimpGB version 1.46.02 Multiple Path Disclosure Vulnerabilities

netVigilance Security Advisory 64 SimpGB version 1.46.02 Multiple Path Disclosure Vulnerabilities Description: SimpGB is a guestbook with data stored in MySQL, administration interface and support for multiple languages. Features: Data stored in MySQL, Administration interface, Support for multip...

7AI score

Exploits0

NVD•added 2007/09/24 10:17 p.m.•14 views

CVE-2007-5058

Cross-site scripting XSS vulnerability in the Web administration interface in Barracuda Spam Firewall before firmware 3.5.10.016 allows remote attackers to inject arbitrary web script or HTML via the username field in a login attempt, which is not properly handled when the Monitor Web Syslog scre...

4.3CVSS5.7AI score0.01569EPSS

Exploits0References10

Cvelist•added 2007/09/24 10:0 p.m.•18 views

CVE-2007-5058

5.7AI score0.01569EPSS

Exploits0References10

securityvulns•added 2007/09/08 12:0 a.m.•34 views

Buffalo AirStation WHR-G54S crossite request forgery

Request forgery in administration interface...

4.2AI score

Exploits0References1

Prion•added 2007/08/28 12:17 a.m.•11 views

Cross site scripting

Cross-site scripting XSS vulnerability in Ipswitch WSFTP allows remote attackers to inject arbitrary web script or HTML via arguments to a valid command, which is not properly handled when it is displayed by the view log option in the administration interface. NOTE: this can be leveraged to creat...

4.3CVSS6.1AI score0.01631EPSS

Exploits0References5

CVE•added 2007/08/28 12:0 a.m.•43 views

CVE-2007-4555

CVE-2007-4555 describes a cross-site scripting (XSS) vulnerability in Ipswitch WS_FTP's administration interface. The issue occurs when arguments to a valid command are not properly sanitized and are displayed by the view log option, enabling an attacker to inject arbitrary web script or HTML. Th...

4.3CVSS5.7AI score0.01631EPSS

Exploits0References5Affected Software1

Prion•added 2007/08/22 11:17 p.m.•12 views

Design/Logic Flaw

The administration interface in the Planet VC-200M VDSL2 router allows remote attackers to cause a denial of service administration interface outage via an HTTP request without a Host header...

5CVSS7.1AI score0.01653EPSS

Exploits0References6

securityvulns•added 2007/08/21 12:0 a.m.•353 views

Planet VC-200M DSL router DoS

Inaccessible administration interface on HTTP GET request with missed Host: header...

5CVSS1.5AI score0.01653EPSS

Exploits0References1

NVD•added 2007/08/03 9:17 p.m.•27 views

CVE-2007-4159

index.html in the HTTP administration interface in certain daemons in TIBCO Rendezvous RV 7.5.2 allows remote attackers to obtain sensitive information, such as a user name and IP addresses, via a direct request...

5CVSS6.4AI score0.01256EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by