Lucene search
K

4 matches found

Cvelist
Cvelist
added 2017/10/11 12:0 p.m.61 views

CVE-2013-6924

Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php...

9.9AI score0.15156EPSS
Exploits7References3
Prion
Prion
added 2014/01/21 4:6 p.m.15 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to hijack the authentication of administrators for requests that 1 add user accounts via a crafted request to admin/accesscontroluseradd.php; 2...

6.8CVSS7.9AI score0.01397EPSS
Exploits6References2Affected Software2
Prion
Prion
added 2014/01/09 6:55 p.m.20 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Seagate BlackArmor NAS 220 devices with firmware sg2000-2000.1331 allow remote attackers to inject arbitrary web script or HTML via the 1 fullname parameter to admin/accesscontroluseredit.php or 2 workname parameter to...

4.3CVSS6.2AI score0.03217EPSS
Exploits7References3Affected Software2
CVE
CVE
added 2014/01/09 3:0 p.m.60 views

CVE-2013-6923

The CVE-2013-6923 issue affects Seagate BlackArmor NAS sg2000-2000 with firmware sg2000-2000.1331. It describes two persistent XSS risks: (1) fullname input in admin/access_control_user_edit.php and (2) workname input in admin/network_workgroup_domain.php. The root cause is failure to sanitize us...

4.3CVSS8AI score0.03217EPSS
Exploits7References3Affected Software2
Rows per page
Query Builder