Lucene search
+L

69 matches found

wpvulndb
wpvulndb
added 2020/01/08 12:0 a.m.14 views

Minimal Coming Soon & Maintenance Mode < 2.17 - Insecure permissions: Export Settings/Theme Change

There was a flaw that would allow any user logged in as a subscriber or above to export the plugin settings as a .txt file or modify the theme of the maintenance page on a vulnerable site. PoC Login with subscriber or above permissions and send the following request to export the plugin settings:...

5.5CVSS1.1AI score0.0107EPSS
Exploits2References1Affected Software1
wpexploit
wpexploit
added 2020/01/08 12:0 a.m.27 views

Minimal Coming Soon & Maintenance Mode < 2.17 - Insecure permissions: Export Settings/Theme Change

There was a flaw that would allow any user logged in as a subscriber or above to export the plugin settings as a .txt file or modify the theme of the maintenance page on a vulnerable site. Login with subscriber or above permissions and send the following request to export the plugin settings:...

5.5CVSS5.4AI score0.0107EPSS
Exploits2References1
vulncheck_kev
vulncheck_kev
added 2020/01/08 12:0 a.m.4 views

VulnCheck KEV: CVE-2020-6166

A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.15, allows authenticated users with basic access to export settings and change maintenance-mode themes...

5.5CVSS6AI score0.0107EPSS
Exploits2References1
ptsecurity
ptsecurity
added 2018/10/02 12:0 a.m.5 views

PT-2018-3878 · D Link · D-Link Dir-823G

Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G devices affected versions not specified Description: The issue is related to the lack of authentication in certain components of the D-Link DIR-823G device's firmware, specifically ExportSettings.sh, upload settings.cgi,...

10CVSS9.8AI score0.04115EPSS
Exploits1References3
bdu_fstec
bdu_fstec
added 2018/06/29 12:0 a.m.7 views

The vulnerability of the components ExportSettings.sh, updateWPS, RebootSystem, and vpnBasicSettings of the Intelbras NCLOUD 300 Wi-Fi router’s microprogramming system allows a hacker to gain access to the device with administrator privileges.

The vulnerabilities of the components ExportSettings.sh /cgi-bin/ExportSettings.sh, updateWPS /goform/updateWPS, RebootSystem /goform/RebootSystem, and vpnBasicSettings /goform/vpnBasicSettings of the Intelbras NCLOUD 300 Wi-Fi router software are related to the use of pre-installed registration...

10CVSS5.5AI score0.35573EPSS
Exploits5References4Affected Software1
cnvd
cnvd
added 2018/05/17 12:0 a.m.7 views

Intelbras NCLOUD 300 Denial of Service Vulnerability

Intelbras NCLOUD 300 is a wireless router device from Intelbras, Brazil. A security vulnerability exists in Intelbras NCLOUD 300 version 1.0, which stems from the program failing to require authentication. An attacker can exploit the vulnerability by sending requests to /cgi-bin/ExportSettings.sh...

10CVSS6.7AI score0.35573EPSS
Exploits5References1
osv
osv
added 2018/05/15 7:29 p.m.8 views

CVE-2018-11094

An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and...

9.8CVSS5.8AI score0.35573EPSS
Exploits5References2
nvd
nvd
added 2017/12/20 11:29 p.m.20 views

CVE-2017-14387

The NFS service in EMC Isilon OneFS 8.1.0.0, 8.0.1.0 - 8.0.1.1, and 8.0.0.0 - 8.0.0.4 maintains default NFS export settings including the NFS export security flavor for authentication that can be leveraged by current and future NFS exports. This NFS service contained a flaw that did not properly...

6.5CVSS6.4AI score0.00914EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2005/01/10 5:0 a.m.25 views

CVE-2004-0915

Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hidecvsroot and forbidden settings, which could allow remote attackers to gain sensitive information...

5CVSS5.9AI score0.01294EPSS
Exploits0References1
Rows per page
Query Builder