57 matches found
EUVD-2013-2621
Malware in sbrugna...
EUVD-2013-2623
Malware in sbrugna...
EUVD-2013-2618
Malware in sbrugna...
EUVD-2023-54100
Malicious code in bioql PyPI...
CVE-2023-4228
A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized acce...
CVE-2023-4229
A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, potentially exposing users to security risks. This vulnerability may allow attackers to trick users into interacting with malicious content, leading to unintended actions or unauthorized dat...
CVE-2023-4230 ioLogik 4000 Series: Server Banner Information Disclosure
A vulnerability has been identified in ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, which has the potential to facilitate the collection of information on ioLogik 4000 Series devices. This vulnerability may enable attackers to gather information for the purpose of assessing...
CVE-2023-4229
CVE-2023-4229 affects the MOXA ioLogik 4000 Series, specifically the ioLogik E4200 with firmware versions v1.6 and earlier. The available documents describe an issue described as “Improper Restriction of UI” and “Session Headers Not Implemented,” with the core risk that attackers could coerce use...
CVE-2023-4228
CVE-2023-4228 affects ioLogik 4000 Series (ioLogik E4200) firmware v1.6 and earlier. The underlying issue is that session cookies are not configured with HttpOnly (and related attributes) as described across multiple sources, potentially allowing unauthorized access to session data. Public disclo...
CVE-2023-4227
A vulnerability has been identified in the ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of...
CVE-2023-4227
A vulnerability has been identified in the ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of...
Information disclosure
A vulnerability has been identified in the ioLogik 4000 Series ioLogik E4200 firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of...
CVE-2013-2679
Multiple cross-site scripting XSS vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the 1 logtype, 2 pingip, 3 pingsize, 4 submittype, or 5 tracerouteip parameter to apply.cgi or 6 newworkgroup or 7...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the 1 logtype, 2 pingip, 3 pingsize, 4 submittype, or 5 tracerouteip parameter to apply.cgi or 6 newworkgroup or 7...
CVE-2013-2679
CVE-2013-2679 describes multiple reflected XSS vulnerabilities in Cisco Linksys E4200 routers (firmware 1.0.05 build 7). The flaws affect the web admin interface via parameters on apply.cgi and storage/apply.cgi (log_type, ping_ip, ping_size, submit_type, traceroute_ip, new_workgroup, submit_butt...
CVE-2013-2679
Multiple cross-site scripting XSS vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the 1 logtype, 2 pingip, 3 pingsize, 4 submittype, or 5 tracerouteip parameter to apply.cgi or 6 newworkgroup or 7...
CVE-2013-2684
Cross-site Scripting XSS in Cisco Linksys E4200 1.0.05 Build 7 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-2683
Cisco Linksys E4200 1.0.05 Build 7 devices contain an Information Disclosure Vulnerability which allows remote attackers to obtain private IP addresses and other sensitive information...
Information disclosure
Cisco Linksys E4200 1.0.05 Build 7 devices contain an Information Disclosure Vulnerability which allows remote attackers to obtain private IP addresses and other sensitive information...
Cross site scripting
Cross-site Scripting XSS in Cisco Linksys E4200 1.0.05 Build 7 devices allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...