Lucene search
K

8 matches found

EUVD
EUVD
added 2026/03/07 3:30 a.m.4 views

EUVD-2026-10095

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary script content through the System Name field. Attackers can inject malicious scripts that execute in a victim's brows...

5.1CVSS5.9AI score0.00188EPSS
Exploits0References3
CVE
CVE
added 2026/03/07 12:20 a.m.14 views

CVE-2026-25073

Summary: CVE-2026-25073 affects XikeStor SKS8310-8X Network Switch firmware prior to 1.04.B07. A stored cross-site scripting vulnerability exists in the System Name field due to improper output encoding, allowing authenticated attackers to inject and execute scripts in a victim’s browser when the...

5.4CVSS5.9AI score0.00188EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/07 12:20 a.m.3 views

CVE-2026-25071 XikeStor SKS8310-8X switch_config.src Missing Authentication

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain a missing authentication vulnerability in the /switchconfig.src endpoint that allows unauthenticated remote attackers to download device configuration files. Attackers can access this endpoint without credentials to...

8.7CVSS5.8AI score0.00512EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/09/25 12:0 a.m.7 views

PT-2024-31585 · Planex · Planex Mzk-Dp300N

Name of the Vulnerable Software and Affected Versions: PLANEX MZK-DP300N firmware versions 1.04 and earlier Description: The issue is related to a cross-site request forgery vulnerability. Viewing a malicious page while logging in to the web management page of the affected product may lead the us...

6.5CVSS7.3AI score0.00176EPSS
Exploits0References9
Packet Storm
Packet Storm
added 2010/12/17 12:0 a.m.21 views

D-Link DIR-300 Cross Site Request Forgery

document.exploit.submit;...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2010/12/17 12:0 a.m.16 views

D-Link DIR-300 - Cross-Site Request Forgery (Change Admin Account Settings)

D-Link DIR-300 - Cross-Site Request Forgery Change Admin Account Settings document.exploit.submit;...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/17 12:0 a.m.26 views

D-Link DIR-300 - Cross-Site Request Forgery (Change Admin Account Settings)

document.exploit.submit;...

7.4AI score
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2005/04/15 12:0 a.m.10 views

JVN#55023557 Buffalo router configuration management interface vulnerable to remote access and password leakage

Impact Configurations could be changed by the remote attacker. As the save configuration stores user's account and password information of ISPs in plain-text format, a remote attacker could steal such information and impersonate a user to gain illegal access. Solution Products Affected BUFFALO...

7.4AI score
Exploits0
Rows per page
Query Builder