CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

55 matches found

RedhatCVE•added 2026/01/09 11:59 a.m.•3 views

CVE-2018-19612

The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code...

8.8CVSS7.2AI score0.0075EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-15034

Malware in sbrugna...

6.7CVSS6.6AI score0.0038EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2006-3181

Malware in sbrugna...

4CVSS6.4AI score0.0892EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-11299

Malware in sbrugna...

8.8CVSS8.8AI score0.0075EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2005-2625

Malware in sbrugna...

5CVSS6.4AI score0.00336EPSS

Exploits0References2

Tenable Nessus•added 2024/04/03 12:0 a.m.•14 views

Westermo DR-250, DR-260 and MR-260 Unrestricted Upload of File with Dangerous Type (CVE-2018-19612)

The '/uploadfile' functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 809...

8.8CVSS8.1AI score0.0075EPSS

Exploits0References3

Prion•added 2021/09/15 5:15 p.m.•10 views

Hardcoded credentials

The management tool in MyLittleBackup up to and including 1.7 allows remote attackers to execute arbitrary code because machineKey is hardcoded the same for all customers' installations in web.config, and can be used to send serialized ASP code...

7.5CVSS9.7AI score0.03675EPSS

Exploits0References2Affected Software1

Cvelist•added 2021/09/15 4:16 p.m.•9 views

CVE-2021-39392

10AI score0.03675EPSS

Exploits0References2

OSV•added 2020/11/12 7:15 p.m.•12 views

CVE-2020-27386

An unrestricted file upload issue in FlexDotnetCMS before v1.5.9 allows an authenticated remote attacker to upload and execute arbitrary files by using the FileManager to upload malicious code e.g., ASP code in the form of a safe file type e.g., a TXT file, and then using the FileEditor in v1.5.8...

8.8CVSS7.5AI score

Exploits0References4

NVD•added 2020/05/19 8:15 p.m.•25 views

CVE-2020-13166

The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded the same for all customers' installations in web.config, and can be used to send serialized ASP code...

9.8CVSS9.8AI score0.77423EPSS

Exploits5References2

Prion•added 2020/05/19 8:15 p.m.•23 views

Hardcoded credentials

7.5CVSS9.8AI score0.77423EPSS

Exploits5References2Affected Software1

ATTACKERKB•added 2020/05/19 12:0 a.m.•37 views

CVE-2020-13166

The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded the same for all customers’ installations in web.config, and can be used to send serialized ASP code. Recent assessments: wvu-r7 at May 21, 2020 5:50am UTC reported: Metasplo...

9.8CVSS6.5AI score0.77423EPSS

Exploits5References3

NVD•added 2019/05/24 5:29 p.m.•9 views

CVE-2018-19612

The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code...

8.8CVSS8.8AI score0.0075EPSS

Exploits0References2

Prion•added 2019/05/24 5:29 p.m.•8 views

Code injection

The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code...

6.5CVSS8.7AI score0.0075EPSS

Exploits0References2

Cvelist•added 2019/05/24 4:44 p.m.•11 views

CVE-2018-19612

The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code...

8.8AI score0.0075EPSS

Exploits0References2

CNVD•added 2019/05/24 12:0 a.m.•1 views

Westermo DR-260, DR-250 and MR-260 Code Issue Vulnerabilities

Westermo DR-260 and others are products of the Swedish company Westermo.Westermo DR-260 is a DSL router.Westermo DR-250 is a DSL router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia router.Westermo MR-260 is a 3G multimedia...

8.8CVSS7.5AI score0.0075EPSS

Exploits0References1

NVD•added 2017/05/23 5:29 a.m.•11 views

CVE-2017-5965

The package manager in Sitecore CRM 8.1 Rev 151207 allows remote authenticated administrators to execute arbitrary ASP code by creating a ZIP archive in which a .asp file has a ..\ in its pathname, visiting sitecore/shell/applications/install/dialogs/Upload%20Package/UploadPackage2.aspx to upload...

6.7CVSS6.8AI score0.0038EPSS

Exploits1References1

Cvelist•added 2017/05/23 5:14 a.m.•15 views

CVE-2017-5965

6.8AI score0.0038EPSS

Exploits1References1

seebug.org•added 2014/07/01 12:0 a.m.•28 views

Microsoft IIS ASP Multiple Extensions Security Bypass 5.x/6.x

No description provided by source. !/usr/bin/python Exploit Title: Exploit for Microsoft IIS ASP Multiple Extensions Security Bypass 5.x/6.x Date: 29 dec 2009 Author: Emanuele 'emgent' Gentili and Emanuele 'crossbower' Acri Software Link: N/A Version: IIS 5.x/6.x Tested on: Windows 2003 Server SP...

7.1AI score

Exploits0

seebug.org•added 2014/07/01 12:0 a.m.•19 views

ASP Stats Generator <= 2.1.1 - SQL Injection Vulnerabilities

No description provided by source. /------------------------------------------------ IHS Public advisory -------------------------------------------------/ ASP Stats Generator SQL-ASP injection - Code Excution ASP Stats Generator is a powerful website counter, completely written in ASP programmin...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by