EUVD-2000-0497

Malware in sbrugna...

CVE-2021-43841

XWiki is a generic wiki platform offering runtime services for applications built on top of it. When using default XWiki configuration, it's possible for an attacker to upload an SVG containing a script executed when executing the download action on the file. This problem has been patched so that...

CVE-2024-56433

shadow-utils aka shadow 4.4 through 4.17.0 establishes a default /etc/subuid behavior e.g., uid 100000 through 165535 for the first user account that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by...

FiberHome HG6245D devices 默认配置问题漏洞

FiberHome HG6245D devices is a router from FiberHome, China. It provides network connectivity. A default configuration issue vulnerability exists in the FiberHome HG6245D devices, which can be exploited by an attacker to gain access to the internal management interface...

Certain NETGEAR devices Default Configuration Issue Vulnerability

NETGEAR Route Serices are a series of wireless routers from NETGEAR. Certain NETGEAR devices are vulnerable to a default configuration issue and the following products and versions are affected: AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40...

D-Link DSL-2888A Default Configuration Issue Vulnerability

The D-link DSL-2888A is a Unified Services Router from D-link China. A default configuration issue vulnerability exists in the D-Link DSL-2888A devices, which can be exploited by an attacker to access system folders and download sensitive files e.g., password hash files...

Multiple Samsung Products Default Configuration Issue Vulnerability

Samsung mobile devices O are products of Samsung Corporation in South Korea.Samsung mobile devices O is a series of cell phones.Samsung mobile devices P is a series of mobile hard drives.Samsung mobile devices Q is a series of TVs.Samsung mobile devices Q is a series of TVs. Samsung mobile device...

Microsoft Windows XP - Weak Default Configuration

Microsoft Windows XP - Weak Default Configuration // source: https://www.securityfocus.com/bid/11410/info Microsoft Windows XP Service Pack 2 is reported prone to a weak default configuration vulnerability. Internet Connection Firewall ICF includes functionality that controls what binaries are...

aspWebCalendar /aspWebAlbum: SQL injection

1Introduction "aspWebCalendar is an .asp Active Server Pages script that allows you to easily create an online events calendar that supports multiple users. Easy installation and usage are the key features of aspWebCalendar. The script contains a text file with a few configuration variables that...

Apache 1.3.x < 2.0.48 mod_userdir - Remote Users Disclosure

/ m00-apache-w00t.c Apache 1.3.-2.0.48 remote users disclosure exploit by m00 Security. Proof-of-Concept edition This tool scans remote hosts with httpd apache and disclosure information about existens users accounts via wrong default configuration of moduserdir default apache module. Then attemp...

Trlinux Postaci Webmail 1.1.3 - Password Disclosure

Trlinux Postaci Webmail 1.1.3 - Password Disclosure source: https://www.securityfocus.com/bid/2029/info Postaci Webmail is a database-driven web e-mail system. PostACI contains a vulnerability in its default configuration that may allow a remote attacker to gain access to the underlying database...