29 matches found
EUVD-2026-41895
A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version =TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve sensitive...
CVE-2026-13753
HP Deskjet 2800 Series printers (firmware
PT-2026-55961
Name of the Vulnerable Software and Affected Versions HP Deskjet 2800 Series Printers versions prior to TBP1CN2612AR Description A missing authorization flaw exists in the embedded webserver. An unauthenticated attacker with network access can bypass administrative controls by sending GET request...
EUVD-2001-1318
Malware in sbrugna...
EUVD-2021-22590
Malware in sbrugna...
EUVD-2022-49466
Malicious code in bioql PyPI...
Exploit for Path Traversal in Igniterealtime Openfire
CVE-2023-32315 - Openfire Authentication Bypass This reposito...
Administration Console authentication bypass in openfire xmppserver
An important security issue affects a range of versions of Openfire, the cross-platform real-time collaboration server based on the XMPP protocol that is created by the Ignite Realtime community. Impact Openfire's administrative console the Admin Console, a web-based application, was found to be...
CVE-2022-46670
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...
CVE-2022-46670
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...
Cross site scripting
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...
CVE-2022-46670 Rockwell Automation MicroLogix 1100 & 1400 Vulnerable to Cross-Site Scripting Attack
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...
Exploit for Cross-site Scripting in Akcp Sensorprobe2_Firmware
CVE-2021-35956. Proof of Concept Exploit for CVE-2021-35956,...
WDTV Live SMP 2.03.20 - Remote Password Reset Exploit
Exploit for hardware platform in category web applications WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live...
WDTV Live SMP 2.03.20 - Remote Password Reset
WDTV Live SMP 2.03.20 - Remote Password Reset WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live Streaming Medi...
WDTV Live SMP Remote Password Reset
WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live Streaming Media Player and possibly other WDTV systems...
WDTV Live SMP 2.03.20 - Remote Password Reset
WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live Streaming Media Player and possibly other WDTV systems...
Yaws 1.91 - Remote File Disclosure
Yaws 1.91 - Remote File Disclosure + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/YAWS-WEB-SERVER-v1.91-UNAUTHENTICATED-REMOTE-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ========== yaws.hyber.org Product: =========...
Miele Professional PG 8528 - Web Server Directory Traversal(CVE-2017-7240)
Risk Information: Risk Factor: Medium CVSS Base Score: 5.0 CVSS Vector: CVSS2AV:N/AC:L/Au:N/C:P/I:N/A:N CVSS Temporal Vector: CVSS2E:POC/RL:OF/RC:C CVSS Temporal Score: 3.9 Timeline: 2016-11-16 Vulnerability discovered 2016-11-10 Asked for security contact 2016-11-21 Contact with Miele product...
Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow
Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedde...