Lucene search
K

31 matches found

CNNVD
CNNVD
added 2024/02/29 12:0 a.m.3 views

VIVOTEK Network Camera Security Vulnerability

VIVOTEK Network Camera is a webcam from VIVOTEK. A security vulnerability exists in VIVOTEK Network Camera version v.FD8166A-VVTK-0204j, which originates from a vulnerability that allows remote attackers to execute arbitrary code via the uploadfile.cgi component...

9.8CVSS7.8AI score0.01107EPSS
Exploits0References2
OSV
OSV
added 2024/01/30 3:15 p.m.6 views

CVE-2024-1034

A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadFile of the file /application/index/controller/File.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclose...

9.8CVSS5.3AI score0.00764EPSS
Exploits0References3
OSV
OSV
added 2023/07/10 4:15 p.m.5 views

CVE-2023-3561

A vulnerability, which was classified as problematic, was found in GZ Scripts PHP GZ Hotel Booking Script 1.8. This affects an unknown part of the file /load.php. The manipulation of the argument firstname/secondname/phone/address1/country leads to cross site scripting. It is possible to initiate...

6.1CVSS4.1AI score0.00442EPSS
Exploits0References2
OSV
OSV
added 2022/09/29 12:15 p.m.5 views

CVE-2022-40475

TOTOLINK A860R V4.1.2cu.5182B20201027 was discovered to contain a command injection via the component /cgi-bin/downloadFile.cgi...

9.8CVSS5.7AI score0.03505EPSS
Exploits1References1
EUVD
EUVD
added 2022/01/04 1:49 p.m.5 views

EUVD-2021-30618

The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646B20201211 has a command injection vulnerability when receiving GET parameters. The parameter name can be constructed for unauthenticated command execution...

9.8CVSS8AI score0.36272EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/12/03 12:0 a.m.4 views

zyx0814 dzzoffice 跨站脚本漏洞

DzzOffice is a platform from IBM DzzOffice in the United States that provides online collaborative office suite functionality. The platform can be used to provide online documents, forms, webstores, presentations, and other features. zyx0814 A cross-site scripting vulnerability exists in dzzoffic...

6.1CVSS5.9AI score0.00621EPSS
Exploits1References2
OSV
OSV
added 2019/06/17 8:15 p.m.3 views

CVE-2017-9386

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a script file called "getfile.sh" which allows a user to retrieve any file stored in the "cmh-ext" folder on the device. However, the "filename" parameter is not validated correctly and this allows a...

6.5CVSS5.8AI score0.0314EPSS
Exploits1References3
NVD
NVD
added 2015/09/02 4:59 p.m.24 views

CVE-2015-4330

A local file script in Cisco TelePresence Video Communication Server VCS Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556...

6.9CVSS6.8AI score0.0054EPSS
Exploits0References2
CVE
CVE
added 2015/09/02 4:0 p.m.57 views

CVE-2015-4330

Cisco TelePresence Video Communication Server Expressway X8.5.2 contains a local file script vulnerability that lets an authenticated, local attacker gain elevated OS-command execution by supplying invalid parameters to a local script. Root cause is insufficient protection of the local script, en...

6.9CVSS7AI score0.0054EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2015/09/02 4:0 p.m.26 views

CVE-2015-4330

A local file script in Cisco TelePresence Video Communication Server VCS Expressway X8.5.2 allows local users to gain privileges for OS command execution via invalid parameters, aka Bug ID CSCuv10556...

6.8AI score0.0054EPSS
Exploits0References2
Cisco
Cisco
added 2015/09/01 1:35 p.m.30 views

Cisco TelePresence Video Communication Server Expressway Command Injection Vulnerability

A vulnerability in a local file script in Cisco TelePresence Video Communication Server VCS Expressway could allow an authenticated, local attacker to execute arbitrary commands on the underlying operating system with elevated privilege. The vulnerability is due to insufficient protection of a...

6.6CVSS7.2AI score0.0054EPSS
Exploits0References1
Rows per page
Query Builder