EUVD-2013-6684

Malware in sbrugna...

EUVD-2013-6685

Malware in sbrugna...

cru-chateau-thebaud.fr Cross Site Scripting vulnerability OBB-3518140

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2019-13524

GE PACSystems RX3i CPE100/115: All versions prior to R9.85,CPE302/305/310/330/400/410: All versions prior to R9.90,CRU/320 All versionsEnd of Life may allow an attacker sending specially manipulated packets to cause the module state to change to halt-mode, resulting in a denial-of-service...

CVE-2019-13524

GE PACSystems RX3i CPE100/115: All versions prior to R9.85,CPE302/305/310/330/400/410: All versions prior to R9.90,CRU/320 All versionsEnd of Life may allow an attacker sending specially manipulated packets to cause the module state to change to halt-mode, resulting in a denial-of-service...

CVE-2013-6881

CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 sector size or 2 skip count fields for the forensic imaging task...

CVE-2013-6884

The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges...

Design/Logic Flaw

CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 sector size or 2 skip count fields for the forensic imaging task...

Default credentials

The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges...

CVE-2013-6884

CVE-2013-6884 affects the CRU Ditto Forensic FieldStation write-blocker firmware up to 2013Oct15a. The issue is a default credential pair (username: ditto, password: ditto) that enables remote attackers to gain privileges. Public references (NVD entry and related advisories) confirm the vulnerabi...

CVE-2013-6884

The write-blocker in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a has a default "ditto" username and password, which allows remote attackers to gain privileges...

CVE-2013-6881

CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 sector size or 2 skip count fields for the forensic imaging task...

CVE-2013-6881

CVE-2013-6881 affects CRU Ditto Forensic FieldStation before firmware 2013Oct15a. The vulnerability allows remote attackers to execute arbitrary commands by injecting shell metacharacters into the imaging task fields (sector size or skip count). Impact: remote code execution with complete confide...

CVE-2013-6882

Multiple cross-site scripting XSS vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow 1 remote attackers to inject arbitrary web script or HTML via the username parameter in a login or 2 remote authenticated users to inject arbitrary web script or HTML vi...

CVE-2013-6883

Cross-site request forgery CSRF vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow 1 remote attackers to inject arbitrary web script or HTML via the username parameter in a login or 2 remote authenticated users to inject arbitrary web script or HTML vi...

CVE-2013-6883

CVE-2013-6883 describes a CSRF vulnerability in the CRU Ditto Forensic FieldStation, affecting firmware before 2013-Oct-15a. The issue allows remote attackers to hijack an administrator’s authentication to perform actions that modify the device’s disk-erase technique settings via unspecified vect...

CVE-2013-6883

Cross-site request forgery CSRF vulnerability in CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to hijack the authentication of administrators for requests that modify the disk erase technique settings via unspecified vectors...

CVE-2013-6882

Multiple cross-site scripting XSS vulnerabilities in CRU Ditto Forensic FieldStation with firmware 2013Oct15a and earlier allow 1 remote attackers to inject arbitrary web script or HTML via the username parameter in a login or 2 remote authenticated users to inject arbitrary web script or HTML vi...