9 matches found
CVE-2025-36748
ShineLan-X contains a stored cross site scripting XSS vulnerability in the local configuration web server. The JavaScript code snippet can be inserted in the communication module’s settings center. This may allow attackers to force a legitimate user’s browser’s JavaScript engine to run malicious...
EUVD-2015-2959
Malware in sbrugna...
PT-2024-7956 · Siemens · Sinema Remote Connect Server
Name of the Vulnerable Software and Affected Versions: SINEMA Remote Connect Server versions prior to V3.2 SP1 Description: The issue is related to improper authorization. It allows a remote attacker to gain unauthorized access to participant groups they should not have access to. The vulnerabili...
Epson Printers Authentication Bypass Vulnerability (Nov 2022)
Epson printers TM-C3500 and TM-C7500 series are prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
CVE-2010-3140
Untrusted search path vulnerability in Microsoft Windows Internet Communication Settings on Windows XP SP3 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as an ISP fi...
Design/Logic Flaw
Untrusted search path vulnerability in Microsoft Windows Internet Communication Settings on Windows XP SP3 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as an ISP fi...
Microsoft Windows Internet Communication Settings - 'schannel.dll' DLL Hijacking
/ Exploit Title: Windows Internet Communication Settings DLL Hijacking Exploit schannel.dll Date: 25/08/2010 Author: ALPdaemon Email: ALPdaemon at yahoo dot com Software Link: N/A Tested on: Windows XP SP3 English Extension: .isp / include int alpdaemon WinExec"calc", SWSHOW; exit0; return 0; BOO...
Symantec Veritas NetBackup通讯设置远程权限提升漏洞
BUGTRAQ ID: 33772 Veritas NetBackup是大型的数据备份应用系统。 在正常的管理登录过程中Veritas NetBackup服务器会通过Veritas网络守护程序vnetd与客户端通讯,而这个通讯过程在初始通讯设置时没有正确地过滤用户提供数据,可能允许能够访问目标主机所在本地网络的非特权用户向系统注入任意代码,之后以管理权限执行。成功利用这个漏洞可能导致内存破坏和拒绝服务,或在目标主机上获得管理权限。 Symantec VERITAS NetBackup 6.5 Symantec VERITAS NetBackup 6.0 Symantec VERITAS...
CVE-2007-1557
Format string vulnerability in F-Secure Anti-Virus Client Security 6.02 allows local users to cause a denial of service and possibly gain privileges via format string specifiers in the Management Server name field on the Communication settings page...