Lucene search
K

62 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:22 p.m.12 views

CVE-2020-25494

Xinuos formerly SCO Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook...

9.8CVSS9.8AI score0.39193EPSS
Exploits3
NVD
NVD
added 2024/11/20 7:15 p.m.16 views

CVE-2024-33439

An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker to execute arbitrary OS commands via cgi parameters...

9.1CVSS0.00546EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/20 12:0 a.m.10 views

CVE-2024-33439

An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker to execute arbitrary OS commands via cgi parameters...

8AI score0.00546EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/20 12:0 a.m.20 views

CVE-2024-33439

An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker to execute arbitrary OS commands via cgi parameters...

0.00546EPSS
Exploits0References1
CVE
CVE
added 2024/11/20 12:0 a.m.69 views

CVE-2024-33439

CVE-2024-33439 affects Kasda LinkSmart Router KW5515 (v1.7 and earlier). The issue enables an authenticated remote attacker to execute arbitrary operating system commands via CGI parameters, indicating a remote command execution vulnerability. According to the provided data, the vulnerability is ...

9.1CVSS7.8AI score0.00546EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/03 12:0 a.m.14 views

CVE-2024-41596

Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 in the Vigor management UI because of improper retrieval and handling of the CGI form parameters...

7.3AI score0.0033EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/10/03 12:0 a.m.19 views

CVE-2024-41596

Buffer Overflow vulnerabilities exist in DrayTek Vigor310 devices through 4.3.2.6 in the Vigor management UI because of improper retrieval and handling of the CGI form parameters...

0.0033EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2023/06/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2019-20500

D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=configsave configBackup or downloadServerip parameter...

7.8CVSS7.3AI score0.97109EPSS
Exploits3References1
SUSE CVE
SUSE CVE
added 2023/02/15 6:17 a.m.4 views

SUSE CVE-2005-3355

Directory traversal vulnerability in GNU Gnump3d before 2.9.8 has unknown impact via "CGI parameters, and cookie values"...

6.4CVSS7.2AI score0.02226EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/01/11 12:0 a.m.5 views

Zyxel NR7101 安全漏洞

The Zyxel NR7101 is a router from Hopkins Zyxel. A security vulnerability exists in versions prior to Zyxel NR7101 V1.15ACCC.3C0, which stems from a buffer overflow vulnerability in the CGI program parameters that allows an authenticated attacker to cause a denial of service DoS by sending a...

6.5CVSS6.8AI score0.00722EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.5 views

TOTOLINK A860R 安全漏洞

TOTOLINK A860R is a dual-band wireless router with a maximum transmission rate of 1200Mbps, 6-antenna dual-band concurrent technology, and support for remote management by mobile APP, which is suitable for small and medium-sized enterprises and home network environments. TOTOLINK A860R suffers fr...

9.8CVSS7.8AI score0.0149EPSS
Exploits0References2
Prion
Prion
added 2022/04/25 5:15 a.m.20 views

Directory traversal

There is a Directory Traversal vulnerability in Artica Proxy 4.30.000000 SP206 through SP255, and VMware appliance 4.30.000000 through SP273 via the filename parameter to /cgi-bin/main.cgi...

5.5CVSS7.9AI score0.01262EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/07/08 1:15 a.m.5 views

CVE-2019-13398

Dynacolor FCM-MB40 v1.2.0.0 devices allow remote attackers to execute arbitrary commands via a crafted parameter to a CGI script, as demonstrated by sed injection in cgi-bin/camctrlsaveprofile.cgi save parameter and cgi-bin/ddns.cgi...

7.2CVSS7.3AI score0.04149EPSS
Exploits1References1
Prion
Prion
added 2019/03/21 4:1 p.m.13 views

Cross site scripting

XSS exists in Ericsson Active Library Explorer ALEX 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demonstrated by the DB, FN, fn, or id parameter...

4.3CVSS6AI score0.01503EPSS
Exploits2References3Affected Software1
OSV
OSV
added 2019/03/21 4:0 p.m.20 views

CVE-2018-19191

Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi history parameter, /shell/index.cgi?stripped=1, or the /webminlog/search.cgi uall or mall parameter...

5.4CVSS5.8AI score
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2016/01/10 12:0 a.m.55 views

Microsoft FrontPage Server Extensions Cross Site Scripting (MS06-017: CVE-2006-0015)

A Cross Site Scripting vulnerability exists in Microsoft FrontPage Server Extensions and Microsoft SharePoint Team Services. The vulnerability is caused as a result of the failure of these products to properly validate certain CGI parameters passed to them. This vulnerability allows arbitrary HTM...

6.8CVSS6AI score0.24408EPSS
Exploits1
NVD
NVD
added 2014/10/13 1:55 a.m.13 views

CVE-2014-1573

Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote attackers to conduct cross-site scripting XSS attacks by sending three values...

4.3CVSS5.7AI score0.02326EPSS
Exploits0References15
Prion
Prion
added 2014/10/13 1:55 a.m.15 views

Cross site scripting

Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote attackers to conduct cross-site scripting XSS attacks by sending three values...

4.3CVSS6AI score0.02326EPSS
Exploits0References15Affected Software2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

CSSearch 2.3 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4368/info csSearch is a website search script, written in Perl. It will run on most Unix and Linux variants, as well as Microsoft operating systems. csSearch is prone to an issue which may enable an attacker to execute Pe...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.21 views

MS IIS 3.0/4.0/5.0 PWS Escaped Characters Decoding Command Execution (7)

No description provided by source. source: http://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before...

7.1AI score
Exploits0
Rows per page
Query Builder