Lucene search
K

52 matches found

OSV
OSV
added 2024/07/09 12:0 a.m.17 views

CVE-2024-40738

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-ports/id/edit/...

7.1CVSS5.7AI score0.00353EPSS
Exploits1References3
OSV
OSV
added 2024/07/09 12:0 a.m.13 views

CVE-2024-40727

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/...

5.4CVSS5.7AI score0.00353EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/07/09 12:0 a.m.18 views

CVE-2024-40732

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/add/...

5.9AI score0.004EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/09 12:0 a.m.30 views

CVE-2024-40731

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/id/edit/...

0.00353EPSS
Exploits1References1
CVE
CVE
added 2024/07/09 12:0 a.m.70 views

CVE-2024-40728

NetBox v4.0.3 is affected by an XSS flaw in the /dcim/console-server-ports/{id}/edit/ Name field due to insufficient filtering/escaping of user input. Multiple sources (Red Hat, CNVD, OSV, NVD, CVE listings) confirm a cross-site scripting vulnerability that could allow an attacker to inject arbit...

7.1CVSS5.8AI score0.00353EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/07/09 12:0 a.m.17 views

CVE-2024-40732

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/add/...

7.1CVSS5.7AI score0.004EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/05/24 12:0 a.m.3 views

NetBox 跨站脚本漏洞

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox version v3.5.1, which stems from a security issue in the Create Regions /dcim/regions/ function, and can be...

5.4CVSS6.1AI score0.00397EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/05/24 12:0 a.m.4 views

PT-2023-24500 · Netbox · Netbox

Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting XSS issue exists in the Create Sites function, specifically at the /dcim/sites/ endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecting a crafted paylo...

5.4CVSS5.4AI score0.00415EPSS
Exploits1References3
Kitploit
Kitploit
added 2016/07/04 11:30 p.m.225 views

NetBox - IP Address Management (IPAM) and Data Center Infrastructure Management (DCIM) Tool

NetBox is an IP address management IPAM and data center infrastructure management DCIM tool. Initially conceived by the network engineering team at DigitalOcean , NetBox was developed specifically to address the needs of network and infrastructure engineers. NetBox runs as a web application atop...

6.7AI score
Exploits0References2
OpenVAS
OpenVAS
added 2014/11/28 12:0 a.m.28 views

Device42 DCIM Appliance Manager Default Credentials (HTTP)

The remote Device42 DCIM Appliance Manager web interface is using known default credentials. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.1AI score
Exploits0
OpenVAS
OpenVAS
added 2014/11/28 12:0 a.m.50 views

Device42 DCIM Appliance Manager 'ping' Command Injection Vulnerability

Device42 DCIM Appliance Manager is prone to a command-injection vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score
Exploits0References1
Packet Storm
Packet Storm
added 2014/11/26 12:0 a.m.33 views

Device42 Embedded Credentials

Remote Authenticated Root in Device42 DCIM Appliance Manager v5.10 and v6.0 http://www.device42.com/download/ Device42 ships virtual appliances ready for production use as a trial essentially dictated by the license provided. The Appliance Manager listens on HTTP no SSL on port 4242 with default...

7.4AI score
Exploits0
Rows per page
Query Builder