29 matches found
EUVD-2026-41895
A missing authorization vulnerability exists in the embedded webserver of HP Deskjet 2800 Series Printers running firmware version =TBP1CN2612AR. An unauthenticated attacker with network access can send GET requests to multiple exposed administrative API endpoints and retrieve sensitive...
CVE-2026-13753
HP Deskjet 2800 Series printers (firmware
PT-2026-55961
Name of the Vulnerable Software and Affected Versions HP Deskjet 2800 Series Printers versions prior to TBP1CN2612AR Description A missing authorization flaw exists in the embedded webserver. An unauthenticated attacker with network access can bypass administrative controls by sending GET request...
EUVD-2021-22590
Malware in sbrugna...
EUVD-2001-1318
Malware in sbrugna...
EUVD-2022-49466
Malicious code in bioql PyPI...
Exploit for Path Traversal in Igniterealtime Openfire
CVE-2023-32315 - Openfire Authentication Bypass This reposito...
Administration Console authentication bypass in openfire xmppserver
An important security issue affects a range of versions of Openfire, the cross-platform real-time collaboration server based on the XMPP protocol that is created by the Ignite Realtime community. Impact Openfire's administrative console the Admin Console, a web-based application, was found to be...
CVE-2022-46670
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...
CVE-2022-46670
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...
Cross site scripting
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...
CVE-2022-46670 Rockwell Automation MicroLogix 1100 & 1400 Vulnerable to Cross-Site Scripting Attack
Rockwell Automation was made aware of a vulnerability by a security researcher from Georgia Institute of Technology that the MicroLogix 1100 and 1400 controllers contain a vulnerability that may give an attacker the ability to accomplish remote code execution. The vulnerability is an...
Exploit for Cross-site Scripting in Akcp Sensorprobe2_Firmware
CVE-2021-35956. Proof of Concept Exploit for CVE-2021-35956,...
WDTV Live SMP 2.03.20 - Remote Password Reset Exploit
Exploit for hardware platform in category web applications WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live...
WDTV Live SMP 2.03.20 - Remote Password Reset
WDTV Live SMP 2.03.20 - Remote Password Reset WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live Streaming Medi...
WDTV Live SMP 2.03.20 - Remote Password Reset
WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live Streaming Media Player and possibly other WDTV systems...
WDTV Live SMP Remote Password Reset
WDTV Live SMP Remote Password Reset Vulnerability Date: Jul 14 2017 Author: sw1tch Demo: https://www.sw1tch.net/2017/07/12/wdtv-live-smb-exploit/ Description: A simple remotely exploitable web application vulnerability for the WDTV Live Streaming Media Player and possibly other WDTV systems...
Yaws 1.91 - Remote File Disclosure
Yaws 1.91 - Remote File Disclosure + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/YAWS-WEB-SERVER-v1.91-UNAUTHENTICATED-REMOTE-FILE-DISCLOSURE.txt + ISR: ApparitionSec Vendor: ========== yaws.hyber.org Product: =========...
Miele Professional PG 8528 - Web Server Directory Traversal(CVE-2017-7240)
Risk Information: Risk Factor: Medium CVSS Base Score: 5.0 CVSS Vector: CVSS2AV:N/AC:L/Au:N/C:P/I:N/A:N CVSS Temporal Vector: CVSS2E:POC/RL:OF/RC:C CVSS Temporal Score: 3.9 Timeline: 2016-11-16 Vulnerability discovered 2016-11-10 Asked for security contact 2016-11-21 Contact with Miele product...
Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow
Palo Alto Networks PanOS - appweb3 Stack Buffer Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=908 Palo Alto Networks have published a fix for this issue: http://securityadvisories.paloaltonetworks.com/Home/Detail/68 PanOS uses a modified version of the appweb3 embedde...