118 matches found
Code injection
Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows remote authenticated users with certain privileges to cause a denial of service E2 service outage via unspecified vectors...
CVE-2016-9346
An issue was discovered in Moxa MiiNePort E1 versions prior to 1.8, E2 versions prior to 1.4, and E3 versions prior to 1.1. Configuration data are stored in a file that is not encrypted...
CVE-2016-9344
The CVE-2016-9344 issue affects Moxa MiiNePort E1 (pre-1.8), E2 (pre-1.4), and E3 (pre-1.1) devices. Affects the authentication flow by allowing an attacker to brute-force an active session cookie to download configuration files. Reported impact includes potential exposure of configuration data; ...
CVE-2016-2295
Moxa MiiNePortE14641 devices with firmware 1.1.10 Build 09120714, MiiNePortE17080 devices with firmware 1.1.10 Build 09120714, MiiNePortE21242 devices with firmware 1.1 Build 10080614, MiiNePortE24561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build...
CVE-2016-2286
Moxa MiiNePortE14641 devices with firmware 1.1.10 Build 09120714, MiiNePortE17080 devices with firmware 1.1.10 Build 09120714, MiiNePortE21242 devices with firmware 1.1 Build 10080614, MiiNePortE24561 devices with firmware 1.1 Build 10080614, and MiiNePort E3 devices with firmware 1.0 Build...
e2.emediate.se Open Redirect vulnerability
Vulnerable URL: http://e2.emediate.se/eas?camp=121995;kw=ringspann;EASLink=https://xssposed.org Details: Description| Value ---|--- Patched:| No Latest check for patch:| 26.07.2017 Vulnerability type:| Open Redirect Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated...
SQL Injection in Е2
Advisory ID: HTB23222 Product: Е2 Vendor: Ilya Birman Vulnerable Versions: v2844 and probably prior Tested Version: v2844 Advisory Publication: July 2, 2014 without technical details Vendor Notification: July 2, 2014 Vendor Patch: July 3, 2014 Public Disclosure: July 23, 2014 Vulnerability Type:...
CVE-2014-4736
SQL injection vulnerability in E2 before 2.4 2845 allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process...
Sql injection
SQL injection vulnerability in E2 before 2.4 2845 allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process...
CVE-2014-4736
SQL injection vulnerability in E2 before 2.4 2845 allows remote attackers to execute arbitrary SQL commands via the note-id parameter to @actions/comment-process...
CVE-2014-4736
CVE-2014-4736 describes an SQL injection in E2 before 2.4 (2845) via the note-id parameter to /@actions/comment-process. The root cause is insufficient input sanitization, allowing remote attackers to inject arbitrary SQL commands, potentially adding/modifying/deleting records or gaining site acc...
E2 2844 SQL Injection Vulnerability
E2 version 2844 suffers from a remote SQL injection vulnerability. Product: Е2 Vendor: Ilya Birman Vulnerable Versions: v2844 and probably prior Tested Version: v2844 Advisory Publication: July 2, 2014 without technical details Vendor Notification: July 2, 2014 Vendor Patch: July 3, 2014 Public...
E2 2844 SQL Injection
Advisory ID: HTB23222 Product: Е2 Vendor: Ilya Birman Vulnerable Versions: v2844 and probably prior Tested Version: v2844 Advisory Publication: July 2, 2014 without technical details Vendor Notification: July 2, 2014 Vendor Patch: July 3, 2014 Public Disclosure: July 23, 2014 Vulnerability Type:...
Ilya Birman E2 - @actionscomment-process SQL Injection
Ilya Birman E2 - @actionscomment-process SQL Injection source: https://www.securityfocus.com/bid/68843/info Ilya Birman E2 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to compromise the application,...
Ilya Birman E2 - '/@actions/comment-process' SQL Injection
source: https://www.securityfocus.com/bid/68843/info Ilya Birman E2 is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities ...
Indian Officials Get Training from Hackers who cracked CERN's IT system
Two Argentina-based cyber security experts - Chris Russo and Fernando Viacanel, who claimed to have cracked the security code of IT systems involved in the discovery of 'God Particle', today conducted training sessions for Indian government officials. Both the hackers are partners of IT security...
E2 Photo Gallery 0.9 - index.php Cross-Site Scripting
E2 Photo Gallery 0.9 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/47697/info E2 Photo Gallery is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
E2 Photo Gallery 0.9 - 'index.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/47697/info E2 Photo Gallery is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...