13 matches found
DomainMOD 4.13.0 - Cross-Site Scripting
DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the "or Expiring Between" parameter. id: CVE-2020-20988 info: name: DomainMOD 4.13.0 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.13.0 is vulnerable to...
ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control
ABB Cylon Aspect 3.07.02 sshUpdate.php Unauthenticated Remote SSH Service Control Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.07.02 Summary: ASPECT is an award-winning scalable building...
TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account Vulnerability
TELSAT marKoni FM Transmitter version 1.9.5 has a hidden super administrative account factory that has the hardcoded password inokram25 that allows full access to the web management interface configuration. TELSAT marKoni FM Transmitter 1.9.5 Backdoor Account Vendor: TELSAT Srl Product web page:...
aiohttp is vulnerable to directory traversal
Summary Improperly configuring static resource resolution in aiohttp when used as a web server can result in the unauthorized reading of arbitrary files on the system. Details When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static...
Siemens Desigo PX 6.00 Denial Of Service
#!/bin/bash Siemens Desigo PX V6.00 Web Remote Denial of Service Exploit Vendor: Siemens AG Vendor web page: https://www.siemens.com Product web page: https://new.siemens.com/global/en/products/buildings/automation/desigo.html Affected version: Model: PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D...
Collabtive SQL Injection Vulnerability
No description provided by source. ANATOLIA SECURITY ADVISORY --------------------------- ADVISORY INFO + Title: Collabtive SQL Injection Vulnerability + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-004.txt + Advisory ID: 2010-004 + Version: 0.65 + Date: 12/10/2010 + Impact:...
Toko Lite CMS 1.5.2 (edit.php) HTTP Response Splitting Vulnerability
No description provided by source. Toko Lite CMS 1.5.2 edit.php HTTP Response Splitting Vulnerability Vendor: Toko Product web page: http://toko-contenteditor.pageil.net Affected version: 1.5.2 Summary: Toko Web Content Editor cms is a compact, multi language, open source web editor and content...
Toko Lite CMS 1.5.2 HTTP Response Splitting
Toko Lite CMS 1.5.2 edit.php HTTP Response Splitting Vulnerability Vendor: Toko Product web page: http://toko-contenteditor.pageil.net Affected version: 1.5.2 Summary: Toko Web Content Editor cms is a compact, multi language, open source web editor and content management system CMS. It is advance...
Collabtive 0.65 - SQL Injection
Collabtive 0.65 - SQL Injection ANATOLIA SECURITY ADVISORY --------------------------- ADVISORY INFO + Title: Collabtive SQL Injection Vulnerability + Advisory URL: http://www.anatoliasecurity.com/adv/as-adv-2010-004.txt + Advisory ID: 2010-004 + Version: 0.65 + Date: 12/10/2010 + Impact: Imprope...
Joomla! Component com_universal - Remote File Inclusion
Joomla! Component com_universal - Remote File Inclusion Joomla component com_universal <= Remote File Inclusion Vulnerability exploit +Software: Joomla component com_universal UWCMS Universal Web CMS +Version: 1.0.0 +License: http://www.gnu.org/copyleft/gpl.html GNU/GPL +Source:...
Joomla component com_universal <= Remote File Inclusion Vulnerability
Exploit for php platform in category web applications Joomla component com_universal <= Remote File Inclusion Vulnerability +Software: Joomla component...
Joomla component com_universal <= Remote File Inclusion Vulnerability exploit
Joomla component com_universal <= Remote File Inclusion Vulnerability exploit +Software: Joomla component com_universal UWCMS Universal Web CMS +Version: 1.0.0 +License: http://www.gnu.org/copyleft/gpl.html GNU/GPL +Source: http://uwcms.sourceforge.net +CWE ID : 98 +Security Risk: High +Remote...
Joomla! Component com_universal - Remote File Inclusion
Joomla component com_universal <= Remote File Inclusion Vulnerability exploit +Software: Joomla component com_universal UWCMS Universal Web CMS +Version: 1.0.0 +License: http://www.gnu.org/copyleft/gpl.html GNU/GPL +Source: http://uwcms.sourceforge.net +CWE ID : 98 +Security Risk: High +Remote...