52 matches found
CVE-2024-40738
A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-ports/id/edit/...
CVE-2024-40727
A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/...
CVE-2024-40732
A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/add/...
CVE-2024-40731
A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/id/edit/...
CVE-2024-40728
NetBox v4.0.3 is affected by an XSS flaw in the /dcim/console-server-ports/{id}/edit/ Name field due to insufficient filtering/escaping of user input. Multiple sources (Red Hat, CNVD, OSV, NVD, CVE listings) confirm a cross-site scripting vulnerability that could allow an attacker to inject arbit...
CVE-2024-40732
A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/add/...
NetBox 跨站脚本漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox version v3.5.1, which stems from a security issue in the Create Regions /dcim/regions/ function, and can be...
PT-2023-24500 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting XSS issue exists in the Create Sites function, specifically at the /dcim/sites/ endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecting a crafted paylo...
NetBox - IP Address Management (IPAM) and Data Center Infrastructure Management (DCIM) Tool
NetBox is an IP address management IPAM and data center infrastructure management DCIM tool. Initially conceived by the network engineering team at DigitalOcean , NetBox was developed specifically to address the needs of network and infrastructure engineers. NetBox runs as a web application atop...
Device42 DCIM Appliance Manager Default Credentials (HTTP)
The remote Device42 DCIM Appliance Manager web interface is using known default credentials. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Device42 DCIM Appliance Manager 'ping' Command Injection Vulnerability
Device42 DCIM Appliance Manager is prone to a command-injection vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Device42 Embedded Credentials
Remote Authenticated Root in Device42 DCIM Appliance Manager v5.10 and v6.0 http://www.device42.com/download/ Device42 ships virtual appliances ready for production use as a trial essentially dictated by the license provided. The Appliance Manager listens on HTTP no SSL on port 4242 with default...