Lucene search
K

108 matches found

CVE
CVE
added 2017/12/08 5:0 a.m.46 views

CVE-2017-17463

CVE-2017-17463 affects Vivo modems. The vulnerability allows remote attackers to disclose sensitive information by reading the index.cgi?page=wifi HTML source code, with examples including ssid and psk_wepkey fields. Exploitation status, affected models/versions, root cause specifics, and remedia...

7.5CVSS7.3AI score0.01344EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/03/26 12:0 a.m.4 views

Barracuda Networks Web Application Firewall 660 HTML Injection Vulnerability

Barracuda Networks Web Application Firewall 660 is a web application firewall from Barracuda Networks. An HTML injection vulnerability exists in the cgi-mod/index.cgi file in the Barracuda Networks Web Application Firewall 660. When a user browses the affected site, their browser will execute...

7.7AI score
Exploits0References1
CNVD
CNVD
added 2015/02/21 12:0 a.m.4 views

Cosmoshop 'index.cgi' Cross-Site Scripting Vulnerability

Cosmoshop is an online store application. A cross-site scripting vulnerability exists in Cosmoshop 'index.cgi', which can be exploited by remote attackers to construct malicious URIs that can be tricked into being parsed by the user, which can be used to obtain sensitive cookies, hijack sessions,...

4.3CVSS6.3AI score0.01457EPSS
Exploits1References1
NVD
NVD
added 2015/02/06 3:59 p.m.20 views

CVE-2015-1444

Multiple cross-site scripting XSS vulnerabilities in the web administration frontend in the httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30 allow remote attackers to inject arbitrary web script or HTML via the 1 conntrack.cgi, 2 index.cgi, 3 logsyslog.cgi, 4 problems.cgi, 5...

4.3CVSS5.8AI score0.01423EPSS
Exploits0References4
Prion
Prion
added 2015/01/13 11:59 a.m.13 views

Cross site scripting

Cross-site scripting XSS vulnerability in D-Link DAP-1360 router with firmware 2.5.4 and later allows remote attackers to inject arbitrary web script or HTML via the resbuf parameter to index.cgi when resconfigid is set to 41...

4.3CVSS6.2AI score0.00995EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2015/01/13 11:0 a.m.53 views

CVE-2014-10026

The CVE-2014-10026 issue affects D-Link DAP-1360 devices running firmware 2.5.4 and earlier. The vulnerability arises in index.cgi where a remote attacker can bypass authentication by setting the client_login cookie to admin, allowing access to sensitive information. Impact is exposure of confide...

5CVSS6.8AI score0.02042EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2015/01/13 11:0 a.m.26 views

CVE-2014-10028

Cross-site scripting XSS vulnerability in D-Link DAP-1360 router with firmware 2.5.4 and later allows remote attackers to inject arbitrary web script or HTML via the resbuf parameter to index.cgi when resconfigid is set to 41...

5.8AI score0.00995EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2015/01/13 12:0 a.m.6 views

PT-2015-3671 · D Link · D-Link Dap-1360

Name of the Vulnerable Software and Affected Versions: D-Link DAP-1360 router versions 2.5.4 and earlier Description: The issue allows remote attackers to hijack the authentication of unspecified users for requests, including changing the MAC filter restrict mode, adding a MAC address to the...

6.8CVSS6.6AI score0.00785EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2015/01/13 12:0 a.m.5 views

PT-2015-3669 · D Link · D-Link Dap-1360

Name of the Vulnerable Software and Affected Versions: D-Link DAP-1360 versions 2.5.4 and earlier Description: The issue allows remote attackers to hijack the authentication of unspecified users for requests that change various settings, including Enable Wireless, MBSSID, BSSID, Hide Access Point...

6.8CVSS6.9AI score0.00785EPSS
Exploits1References3
Vulnerability Lab
Vulnerability Lab
added 2014/07/25 12:0 a.m.32 views

Barracuda Spam&Virus FW #39 - CS Cross Site Vulnerability

Document Title: =============== Barracuda Spam&Virus FW 39 - CS Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1118 Barracuda Networks Security ID BNSEC: BNSEC-1052 https://www.barracuda.com/support/knowledgebase/501600000013lYI...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2014/07/25 12:0 a.m.30 views

Barracuda Spam&Virus FW #39 - CS Cross Site Vulnerability

Document Title: =============== Barracuda Spam&Virus FW 39 - CS Cross Site Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1118 Barracuda Networks Security ID BNSEC: BNSEC-1052 https://www.barracuda.com/support/knowledgebase/501600000013lYI...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

Web-APP.net WebAPP 0.9.x index.cgi Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/17359/info Web-App.Org and Web-App.Net are prone to multiple cross-site scripting vulnerabilities because the applications fail to properly sanitize user-supplied input. An attacker may leverage these issues to execute...

7.1AI score
Exploits0
NVD
NVD
added 2014/05/16 2:55 p.m.20 views

CVE-2014-3761

Cross-site scripting XSS vulnerability in D-Link DAP 1150 with firmware 1.2.94 allows remote attackers to inject arbitrary web script or HTML via the resbuf parameter to index.cgi in the Control/URL-filter section...

4.3CVSS5.8AI score0.00995EPSS
Exploits1References2
Prion
Prion
added 2014/05/16 2:55 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in D-Link DAP 1150 with firmware 1.2.94 allows remote attackers to inject arbitrary web script or HTML via the resbuf parameter to index.cgi in the Control/URL-filter section...

4.3CVSS6.2AI score0.00995EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2014/05/16 12:0 a.m.8 views

PT-2014-5486 · D Link · D-Link Dap 1150

Name of the Vulnerable Software and Affected Versions: D-Link DAP 1150 version 1.2.94 Description: A cross-site scripting XSS issue allows remote attackers to inject arbitrary web script or HTML via the res buf parameter to "index.cgi" in the Control/URL-filter section. Recommendations: For D-Lin...

4.3CVSS5.5AI score0.00995EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2013/03/21 8:55 p.m.2 views

CVE-2013-0126

Multiple cross-site request forgery CSRF vulnerabilities in index.cgi on the Verizon FIOS Actiontec MI424WR-GEN3I router with firmware 40.19.36 allow remote attackers to hijack the authentication of administrators for requests that 1 add administrative accounts via the username and userlevel...

6.8CVSS5.5AI score0.02938EPSS
Exploits7References4
OpenVAS
OpenVAS
added 2012/04/04 12:0 a.m.23 views

BackupPC < 3.2.1 Multiple XSS Vulnerabilities - Active Check

BackupPC is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

5.8AI score
Exploits0References9
OSV
OSV
added 2012/02/18 12:55 a.m.3 views

DEBIAN-CVE-2011-4923

Cross-site scripting XSS vulnerability in View.pm in BackupPC 3.0.0, 3.1.0, 3.2.0, 3.2.1, and possibly earlier allows remote attackers to inject arbitrary web script or HTML via the num parameter in a view action to index.cgi, related to the log file viewer, a different vulnerability than...

4.3CVSS5.8AI score0.02108EPSS
Exploits0References1
OSV
OSV
added 2012/02/18 12:55 a.m.5 views

CVE-2011-3361

Cross-site scripting XSS vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi...

5.5AI score
Exploits0References11
NVD
NVD
added 2012/02/18 12:55 a.m.25 views

CVE-2011-3361

Cross-site scripting XSS vulnerability in CGI/Browse.pm in BackupPC 3.2.0 and possibly other versions before 3.2.1 allows remote attackers to inject arbitrary web script or HTML via the num parameter in a browse action to index.cgi...

4.3CVSS5.6AI score0.02507EPSS
Exploits1References11
Rows per page
Query Builder