Lucene search
+L

659 matches found

xssed
xssed
added 2009/10/01 12:0 a.m.10 views

Unfixed XSS vulnerability at www.buffaloapartments.com

Security researcher Xylitol, has submitted on 10/01/2009 a cross-site-scripting XSS vulnerability affecting www.buffaloapartments.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 29/11/2011. It is...

Exploits0References1
xssed
xssed
added 2008/06/17 12:0 a.m.9 views

Unfixed XSS vulnerability at search.buffalostate.edu

Security researcher cherokee warrior, has submitted on 17/06/2008 a cross-site-scripting XSS vulnerability affecting search.buffalostate.edu, which at the time of submission ranked 50350 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/07/200...

Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.4 views

TeraStation HD-HTGL series cross-site request forgery vulnerability

Overview TeraStation HD-HTGL series provided by Buffalo, Inc. are hard disks for LAN connection and have administrative web interface. The administrative interface for the TeraStation HD-HTGL contains a cross-site request forgety CSRF vulnerability. Impact If a TeraStation HD-HTGL administrator w...

7.6CVSS6.8AI score0.01095EPSS
Exploits0References8
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2008/05/20 3:0 p.m.5 views

Buffalo router configuration management interface vulnerable to remote access and password leakage

Overview Some Buffalo routers have a vulnerability that could allow remote access from the WAN side. A remote attacker could exploit this vulnerability to manipulate a router by gaining administrative privileges. By accessing the management interface, a remote attacker could also obtain user's...

6.4CVSS7AI score
Exploits0References3
xssed
xssed
added 2008/02/15 12:0 a.m.9 views

Unfixed XSS vulnerability at www.buffalo-shop.de

Security researcher Fabian Fingerle, has submitted on 15/02/2008 a cross-site-scripting XSS vulnerability affecting www.buffalo-shop.de, which at the time of submission ranked 107414 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 06/03/2008. I...

0.1AI score
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2007/10/12 12:0 a.m.19 views

JVN#71872818 AirStation series and BroadStation series vulnerable to cross-site request forgery

Buffalo's AirStation series and BroadStation series routers have a web administration interface that can be accessed from a web browser to configure their functional settings. The web administration interface is vulnerable to cross-site request forgery. Impact If the administrator of such a produ...

7.2AI score
Exploits0
NVD
NVD
added 2007/09/11 7:17 p.m.17 views

CVE-2007-4822

Cross-site request forgery CSRF vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as...

4.3CVSS6.7AI score0.00655EPSS
Exploits1References8
Prion
Prion
added 2007/09/11 7:17 p.m.15 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as...

4.3CVSS7.3AI score0.00655EPSS
Exploits1References8Affected Software1
CVE
CVE
added 2007/09/11 7:0 p.m.43 views

CVE-2007-4822

CVE-2007-4822 affects Buffalo AirStation WHR-G54S (v1.20). A CSRF flaw in the device management interface allows remote attackers to modify configuration via HTTP requests to cgi-bin/cgi pages (e.g., ap.html, filter_ip.html) using res and inp parameters. Impact: integrity partially affected; conf...

4.3CVSS6.8AI score0.00655EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2007/09/11 7:0 p.m.20 views

CVE-2007-4822

Cross-site request forgery CSRF vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as...

6.7AI score0.00655EPSS
Exploits1References8
securityvulns
securityvulns
added 2007/09/08 12:0 a.m.60 views

Buffalo AirStation WHR-G54S CSRF vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Louhi Networks Oy -= Security Advisory =- Advisory: Buffalo AirStation WHR-G54S Web Management CSRF vulnerability Release Date: 2007-09-07 Last Modified: 2007-09-07 Authors: Henri Lindberg, Associate of ISC henri d0t lindberg at louhi d0t fi...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2007/09/08 12:0 a.m.35 views

Buffalo AirStation WHR-G54S crossite request forgery

Request forgery in administration interface...

4.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2006/10/06 12:0 a.m.7 views

PT-2006-5910 · Buffalo · Buffalo Terastation Hd-Htgl

Name of the Vulnerable Software and Affected Versions: Buffalo TeraStation HD-HTGL firmware versions prior to 2.05 beta 1 Description: A cross-site request forgery issue exists in the administrative interface, allowing remote attackers to modify configurations or delete arbitrary data...

7.6CVSS6.8AI score0.01095EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2005/04/15 12:0 a.m.14 views

JVN#55023557 Buffalo router configuration management interface vulnerable to remote access and password leakage

Impact Configurations could be changed by the remote attacker. As the save configuration stores user's account and password information of ISPs in plain-text format, a remote attacker could steal such information and impersonate a user to gain illegal access. Solution Products Affected BUFFALO...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.20 views

Buffalo Wireless Router Detection (HTTP) (deprecated)

Binary data 1608.prm...

7.3AI score
Exploits0References1
securityvulns
securityvulns
added 2003/04/05 12:0 a.m.38 views

Buffalo AirStation DoS

Small packet flood causes station to hang...

3.1AI score
Exploits0References1
securityvulns
securityvulns
added 2003/04/05 12:0 a.m.22 views

buffalo AirStation G54 - (WBR-G54 ) DoS

Hellow! I found bad bug/owerflow for buffalo g54 airstions: here my simple tests: schem of tests: I used 2 broadband routers Airstation WBR-g54 first named: g54-01, second - g54-02 both broadband routers set to pear-to-pear connection mode not point- multipoint atacker...

1.6AI score
Exploits0
securityvulns
securityvulns
added 2002/11/14 12:0 a.m.32 views

Buffalo AP Denial of Service

Arhont Ltd. - Information Security Arhont Advisory by: Andrei Mikhailovsky www.arhont.com Advisory: Buffalo AP AP Model Name: WLA-L11G Ver.2.31 Wireless Firmware: WLI-PCM-L11G Ver.6.14 Model Specific: Other versions of Buffalo APs might be vulnerable Manufacturer site: http://www.buffalotech.com...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2002/11/14 12:0 a.m.46 views

Buffalo access point DoS

Incomplete HTTP GET request causes device to reboot...

1.9AI score
Exploits0References1
Rows per page
Query Builder