Lucene search
+L

330 matches found

exploitdb
exploitdb
added 2020/01/13 12:0 a.m.149 views

Digi AnywhereUSB 14 - Reflective Cross-Site Scripting

Exploit Title: Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Date: 2019-11-10 Exploit Author: Raspina Net Pars Group Vendor Homepage: https://www.digi.com/products/networking/usb-connectivity/usb-over-ip/awusb Version: 1.93.21.19 CVE : CVE-2019-18859 PoC GET...

6.1CVSS6.5AI score0.02402EPSS
Exploits5
nvd
nvd
added 2020/01/09 9:15 p.m.41 views

CVE-2019-18859

Digi AnywhereUSB 14 allows XSS via a link for the Digi Page...

6.1CVSS6AI score0.02402EPSS
Exploits5References2
osv
osv
added 2020/01/09 9:15 p.m.5 views

CVE-2019-18859

Digi AnywhereUSB 14 allows XSS via a link for the Digi Page...

6.1CVSS6.3AI score0.02402EPSS
Exploits5References2
prion
prion
added 2020/01/09 9:15 p.m.15 views

Design/Logic Flaw

Digi AnywhereUSB 14 allows XSS via a link for the Digi Page...

4.3CVSS5.9AI score0.02402EPSS
Exploits5References2Affected Software1
cvelist
cvelist
added 2020/01/09 8:7 p.m.40 views

CVE-2019-18859

Digi AnywhereUSB 14 allows XSS via a link for the Digi Page...

6AI score0.02402EPSS
Exploits5References2
cve
cve
added 2020/01/09 8:7 p.m.87 views

CVE-2019-18859

Digi AnywhereUSB 14 is affected by a Cross-Site Scripting (XSS) vulnerability triggered via a crafted link to the Digi Page. Public details across multiple sources (CNVD-2020-02220, Packet Storm, Exploit-DB, PT-2020-9993) confirm this issue and describe the affected product as Digi AnywhereUSB 14...

6.1CVSS5.9AI score0.02402EPSS
Exploits5References2Affected Software1
ptsecurity
ptsecurity
added 2020/01/09 12:0 a.m.5 views

PT-2020-9993 · Digi · Digi Anywhereusb

Name of the Vulnerable Software and Affected Versions: Digi AnywhereUSB version 14 Description: The issue allows for cross-site scripting XSS via a link for the Digi Page. Recommendations: For Digi AnywhereUSB version 14, update to a version that includes a fix for this issue, or as a temporary...

6.1CVSS5.9AI score0.02402EPSS
Exploits5References4
cnvd
cnvd
added 2019/12/04 12:0 a.m.5 views

Denial of Service Vulnerability in DIGI PortServer TS 1 TCP Protocol

The PortServer TS series of terminal servers provide simple, reliable and cost-effective serial connections to the network. A denial of service vulnerability exists in the DIGI PortServer TS 1 TCP protocol. An attacker could exploit the vulnerability to launch a denial of service attack...

6.7AI score
Exploits0
nvd
nvd
added 2019/03/21 4:0 p.m.19 views

CVE-2018-20162

Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root...

9.9CVSS9.8AI score0.04085EPSS
Exploits3References3
osv
osv
added 2019/03/21 4:0 p.m.5 views

CVE-2018-20162

Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root...

9.9CVSS6AI score0.04085EPSS
Exploits3References3
prion
prion
added 2019/03/21 4:0 p.m.16 views

Input validation

Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root...

9CVSS9.7AI score0.04085EPSS
Exploits3References3Affected Software1
cve
cve
added 2019/03/17 8:15 p.m.75 views

CVE-2018-20162

CVE-2018-20162 concerns Digi TransPort LR54 (firmware 4.4.0.26 and possibly earlier) where an Improper Input Validation vulnerability in the restricted shell allows a user with super CLI access to bypass the shell restrictions and execute arbitrary commands as root. Connected sources describe the...

9.9CVSS9.8AI score0.04085EPSS
Exploits3References3Affected Software1
packetstorm
packetstorm
added 2019/02/18 12:0 a.m.53 views

Digi TransPort LR54 Restricted Shell Escape

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2018-20162: Digi TransPort LR54 Restricted Shell Escape =========================================================== The Digi TransPort LR54 is a high speed LTE router commonly used by industry, infrastructure, retail and public transportation. I...

0.04085EPSS
Exploits3
zdt
zdt
added 2019/02/18 12:0 a.m.74 views

Digi TransPort LR54 Restricted Shell Escape Vulnerability

Digi TransPort LR54 suffers from a restricted shell bypass vulnerability that gets a root shell. CVE-2018-20162: Digi TransPort LR54 Restricted Shell Escape =========================================================== The Digi TransPort LR54 is a high speed LTE router commonly used by industry,...

9.9CVSS0.3AI score0.04085EPSS
Exploits3
openbugbounty
openbugbounty
added 2018/07/08 12:2 p.m.15 views

digi-sign.nl XSS vulnerability

Open Bug Bounty ID: OBB-642259 Description| Value ---|--- Affected Website:| digi-sign.nl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
openbugbounty
openbugbounty
added 2018/05/04 6:32 p.m.13 views

digi-store.pl XSS vulnerability

Open Bug Bounty ID: OBB-612140 Description| Value ---|--- Affected Website:| digi-store.pl Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0
cnvd
cnvd
added 2017/04/25 12:0 a.m.3 views

Panda Driving Letter Android App Has Arbitrary Points Redemption Vulnerability

Panda Driving Letter is a traffic control and travel service software developed by Chengdu Digi Information Technology Co. Panda Driving Letter Android App has an arbitrary points exchange vulnerability. Due to a design flaw in the Panda Driving Letter Android app payment interface, an attacker c...

6.9AI score
Exploits0
cvelist
cvelist
added 2016/10/17 4:0 a.m.18 views

CVE-2003-0588

admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password...

6.8AI score0.03099EPSS
Exploits0References1
cve
cve
added 2016/10/17 4:0 a.m.51 views

CVE-2003-0588

CVE-2003-0588 affects Digi-news 1.1. The vulnerability is an authentication bypass in admin.php: a crafted cookie whose username equals the administrator’s name satisfies an improper condition and does not require a correct password. This allows remote attackers to gain admin access without valid...

10CVSS7.2AI score0.03099EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2016/10/17 4:0 a.m.22 views

CVE-2003-0589

admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password...

6.8AI score0.03099EPSS
Exploits0References1
Rows per page
Query Builder