UBUNTU-CVE-2022-35946

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In affected versions request input is not properly validated in the plugin controller and can be used ...

CVE-2022-35946 SQL injection through plugin controller in GLPI

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In affected versions request input is not properly validated in the plugin controller and can be used ...

CVE-2019-16534

On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product...

CVE-2019-16534

On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product...

Design/Logic Flaw

On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product...

CVE-2019-16534

On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product...

Tenda ADSL Router D152 Cross Site Scripting

Exploit Title: Tenda D152 ADSL Router - Cross-Site Scripting Exploit Author: Sandip Dey Date: 2018-07-21 Vendor Homepage: http://www.tendacn.com Hardware Link:...

Tenda ADSL Router D152 - Cross-Site Scripting

Tenda ADSL Router D152 - Cross-Site Scripting Exploit Title: Tenda D152 ADSL Router - Cross-Site Scripting Exploit Author: Sandip Dey Date: 2018-07-21 Vendor Homepage: http://www.tendacn.com Hardware Link:...

DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting

DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting Exploit Title: DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting Date: 2018-06-25 Vendor Homepage: http://www.digisol.com Hardware Link: https://www.amazon.in/Digisol-DG-HR3400-300Mbps-Wireless-Broadband/dp/B00IL8DR6W Category:...

DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting

Exploit Title: DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting Date: 2018-06-25 Vendor Homepage: http://www.digisol.com Hardware Link: https://www.amazon.in/Digisol-DG-HR3400-300Mbps-Wireless-Broadband/dp/B00IL8DR6W Category: Hardware Exploit Author: Adipta Basu Tested on: Mac OS High...

Arbitrary File Deletion Vulnerability in the Pelco Sarix Enhanced GeneralSetupController.php File

pelco Sarix Enhanced is a webcam. An arbitrary file deletion vulnerability exists in the pelco Sarix Enhanced GeneralSetupController.php file. The vulnerability is due to the program failing to properly check for uploaded files when processing them, an attacker can delete arbitrary files in the...

CVE-2013-2671

Multiple cross-site scripting XSS vulnerabilities in the Brother MFC-9970CDW printer with firmware L 1.10 allow remote attackers to inject arbitrary web script or HTML via the 1 id or 2 val parameter to admin/adminmain.html; 3 id, 4 val, or 5 arbitrary parameter name QUERYSTRING to...

Becky! Internet Mail Read Receipt请求缓冲区溢出漏洞

BUGTRAQ ID: 33756 Becky! Internet Mail是一个常用的Email客户端软件。 Becky! Internet Mail客户端没有正确地处理read receipt请求。如果用户查看了特制的邮件并允许发送read receipt请求的话，就可以触发缓冲区溢出，导致执行任意代码。 RimArts Becky! Internet Mail 2.48.02 厂商补丁： RimArts ------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.rimarts.co.jp/index.html 在General...

JVN#29641290 Becky! Internet Mail buffer overflow vulnerability

Becky! Internet Mail is an email client software. Becky! Internet Mail contains a buffer overflow vulnerability as it does not properly handle read receipt requests. Impact If the user views a specially crafted email and allows a read receipt to be sent, arbitrary code may be executed. Solution...

PHP Classifieds 6.20 - Multiple Cross-Site Scripting Authentication Bypass Vulnerabilities

PHP Classifieds 6.20 - Multiple Cross-Site Scripting Authentication Bypass Vulnerabilities source: https://www.securityfocus.com/bid/28521/info PHP Classifieds is prone to multiple cross-site scripting vulnerabilities and an authentication-bypass vulnerability. An attacker may leverage these issu...