EUVD-2020-17268

Malware in sbrugna...

EUVD-2022-33561

Malicious code in bioql PyPI...

CVE-2022-29152

The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page...

Ericom PowerTerm WebConnect Cross-Site Scripting Vulnerability

Ericom PowerTerm WebConnect is a web browser. version 6.0 of Ericom PowerTerm WebConnect is vulnerable to a cross-site scripting vulnerability that originates when the login portal insecurely writes a cross-site scripting attack load to a page from an AppPortal cookie. An attacker could exploit...

CVE-2022-29152

The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page...

CVE-2022-29152

The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page...

CVE-2022-29152

The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page...

CVE-2022-29152

The CVE-2022-29152 entry concerns Ericom PowerTerm WebConnect 6.0 Login Portal. Multiple sources (NVD, CNVD, Red Hat advisories, CVE list) describe a cross-site scripting vulnerability where an XSS payload from the AppPortal cookie can be written into the page, enabling client-side JavaScript exe...

CVE-2022-29152

The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page...

Ericom PowerTerm WebConnect 跨站脚本漏洞

Ericom PowerTerm WebConnect is a web browser. version 6.0 of Ericom PowerTerm WebConnect is vulnerable to a cross-site scripting vulnerability that originates when the login portal insecurely writes a cross-site scripting attack load to a page from an AppPortal cookie. An attacker could exploit...

CVE-2020-24548

Ericom Access Server 9.2.0 for AccessNow and Ericom Blaze allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports...

CVE-2020-24548

Ericom Access Server 9.2.0 for AccessNow and Ericom Blaze allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports...

Server side request forgery (ssrf)

Ericom Access Server 9.2.0 for AccessNow and Ericom Blaze allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports...

CVE-2020-24548

Ericom Access Server 9.2.0 for AccessNow and Ericom Blaze allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports...

CVE-2020-24548

The CVE-2020-24548 entry concerns Ericom Access Server 9.2.0 (AccessNow and Ericom Blaze). A Server-Side Request Forgery (SSRF) vulnerability enables the server to initiate outbound WebSocket connections to arbitrary TCP ports. The issue is evidenced by the application providing a generic “Cannot...

CVE-2020-24548

Ericom Access Server 9.2.0 for AccessNow and Ericom Blaze allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports...

Ericom Access Server x64 9.2.0 - Server-Side Request Forgery

Exploit Title: Ericom Access Server x64 9.2.0 - Server-Side Request Forgery Date: 2020-08-22 Exploit Author: hyp3rlinx Vendor Homepage: www.ericom.com Version: Ericom Access Server x64 for AccessNow & Ericom Blaze v9.2.0 CVE: CVE-2020-24548 + Credits: John Page aka hyp3rlinx + Website:...

Ericom Access Server 9.2.0 Server-Side Request Forgery Exploit

Ericom Access Server allows attackers to initiate SSRF requests making outbound connections to arbitrary hosts and TCP ports. Attackers, who can reach the AccessNow server can target internal systems that are behind firewalls that are typically not accessible. This can also be used to target...

Ericom Access Server 9.2.0 Server-Side Request Forgery

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ERICOM-ACCESS-SERVER-ACCESS-NOW-BLAZE-9.2.0-SERVER-SIDE-REQUEST-FORGERY.txt + twitter.com/hyp3rlinx + ISR: ApparitionSec Vendor www.ericom.com Product Ericom Access Server x64...

Ericom AccessNow Server Stack Buffer Overflow (CVE-2014-3913)

A stack buffer overflow vulnerability exists in Ericom AccessNow Server. The vulnerability is due to improper handling of specially crafted HTTP requests for non-existent files. A remote attacker can exploit this vulnerability by sending a crafted HTTP request...