5 matches found
EUVD-2018-10273
Malware in sbrugna...
Tenda AC8 formWifiBasicSet function buffer overflow vulnerability
Tenda AC8 is a dual gigabit wireless router from Tenda designed for fiber optic homes up to 1000 megabytes, supporting IPv6 protocol with intelligent network management. A buffer overflow vulnerability exists in the Tenda AC8, which is caused by the formWifiBasicSet function failing to correctly...
Design/Logic Flaw
Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is mishandled during rendering of the "likes" page...
CVE-2018-18553
Leanote 2.6.1 is affected by a cross-site scripting (XSS) vulnerability in the Blog Basic Setting title field, exploitable via rendering of the Likes page. The issue stems from mishandling the title field during page rendering, allowing injected scripts/HTML to execute in affected contexts. Pub...
PT-2001-2622 · Twig · Twig Webmail
Name of the Vulnerable Software and Affected Versions: TWIG webmail versions 2.7.4 and earlier Description: The default "basic" security setting in config.php for TWIG webmail stores cleartext usernames and passwords in cookies. This could allow attackers to obtain authentication information and...