59 matches found
CVE-2018-25316 Tenda W308R v2 V5.07.48 Cookie Session Weakness DNS Change
Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS...
CVE-2018-25316
Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS...
PT-2026-35999
Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS...
Tenda W308R 安全漏洞
The Tenda W308R is a home wireless router from the Chinese company Tenda. It supports wireless network connections and routing management functions. The Tenda W308R v2 V5.07.48 version has a security vulnerability. This vulnerability stems from a Cookie session weakness, which allows unauthorized...
SUSE CVE-2026-33525
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on SSO for applications via a web portal. In version 4.39.15, an attacker may potentially be able to inject javascript into the Authelia login page if several conditions are met...
CVE-2026-33525
Authelia is affected by a Cross‑Site Scripting vulnerability arising from improper neutralization of the input used to render the login page template. The issue stems from the langauge cookie value not being properly sanitized when generating HTML, enabling potential script execution under certai...
CVE-2026-33525
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on SSO for applications via a web portal. In version 4.39.15, an attacker may potentially be able to inject javascript into the Authelia login page if several conditions are met...
CVE-2026-33525 Authelia: Improper Neutralization of Input During Web Page Generation Leads to Potential Cross-site Scripting
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on SSO for applications via a web portal. In version 4.39.15, an attacker may potentially be able to inject javascript into the Authelia login page if several conditions are met...
CVE-2026-33525 Authelia: Improper Neutralization of Input During Web Page Generation Leads to Potential Cross-site Scripting
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on SSO for applications via a web portal. In version 4.39.15, an attacker may potentially be able to inject javascript into the Authelia login page if several conditions are met...
CVE-2026-33525 Authelia: Improper Neutralization of Input During Web Page Generation Leads to Potential Cross-site Scripting
Authelia is an open-source authentication and authorization server providing two-factor authentication and single sign-on SSO for applications via a web portal. In version 4.39.15, an attacker may potentially be able to inject javascript into the Authelia login page if several conditions are met...
Authelia 跨站脚本漏洞
Authelia is a single-signpoint login multi-factor portal developed by Authelia OpenSource. Version 4.39.15 of Authelia contains a cross-site scripting vulnerability. This vulnerability arises from the lack of neutralization of the language cookie value during the rendering of HTML templates, whic...
EUVD-2006-1800
Malware in sbrugna...
EUVD-2006-0830
Malware in sbrugna...
EUVD-2006-2523
Malware in sbrugna...
EUVD-2013-5479
Malware in sbrugna...
EUVD-2024-54620
Malicious code in bioql PyPI...
CVE-2024-40114
A Cross Site Scripting XSS vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before allows an attacker to manipulate the language cookie to inject malicious JavaScript code...
CVE-2024-40114
A Cross Site Scripting XSS vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before allows an attacker to manipulate the language cookie to inject malicious JavaScript code...
CVE-2024-40114
A Cross Site Scripting XSS vulnerability in Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and before allows an attacker to manipulate the language cookie to inject malicious JavaScript code...
Sitecom WLX-2006 Wall Mount Range Extender N300 安全漏洞
The Sitecom WLX-2006 Wall Mount Range Extender N300 is a wall mount range extender from Sitecom. A security vulnerability exists in the Sitecom WLX-2006 Wall Mount Range Extender N300 v1.5 and earlier versions, which stems from a mishandling of a language cookie that could result in local file...