6 matches found
CVE-2022-4982
DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers frame.html and frame.A100.html that accept a path parameter content or sidebar which is not properly validated or canonicalized. An attacker c...
The vulnerability of the microprogramming-based VoIP gateway software DBLTek allows attackers to execute arbitrary operating system commands.
The vulnerability of the microprogramming-based VoIP gateway software DBLTek exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a malicious actor to obtain the administrator password by using the reque...
Format string
frame.html in Aida-Web Aida Web allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the 1 Mehr and 2 SUPER parameters...
CVE-2007-6056
frame.html in Aida-Web Aida Web allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the 1 Mehr and 2 SUPER parameters...
CVE-2007-6056
frame.html in Aida-Web Aida Web allows remote attackers to bypass a protection mechanism and obtain comment and task details via modified values to the 1 Mehr and 2 SUPER parameters...
AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities
AIDA Web - Frame.HTML Multiple Unauthorized Access Vulnerabilities source: https://www.securityfocus.com/bid/26464/info AIDA Web is prone to multiple unauthorized access vulnerabilities. An attacker could exploit these issues to obtain potentially sensitive information that could aid in further...