Lucene search
+L

58 matches found

VulnCheck KEV
VulnCheck KEV
added 2021/05/03 12:0 a.m.5 views

VulnCheck KEV: CVE-2021-24295

It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be...

7.5CVSS7.2AI score0.04691EPSS
Exploits1References1
CNVD
CNVD
added 2020/04/10 12:0 a.m.4 views

Multiple Dahua Products Input Validation Error Vulnerability (CNVD-2020-22980)

Dahua SD6AL Series and so on are the products of Dahua, China.SD6AL Series is a network camera of SD6AL series.NVR 5x Series is a network video recorder of 5x series.IPC-HX2XXX Series is a network camera of IPC-HX2XXX series.NVR 5x Series is a network video recorder of 5x series.NVR 5x Series is ...

4.9CVSS6.7AI score0.01049EPSS
Exploits0
NVD
NVD
added 2020/04/09 2:15 p.m.19 views

CVE-2020-9500

Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down...

4.9CVSS5.1AI score0.01049EPSS
Exploits0References1
OSV
OSV
added 2020/04/09 2:15 p.m.1 views

CVE-2020-9500

Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down...

4.9CVSS5.8AI score0.01049EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/09 1:21 p.m.23 views

CVE-2020-9500

Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down...

5.2AI score0.01049EPSS
Exploits0References1
CVE
CVE
added 2020/04/09 1:21 p.m.73 views

CVE-2020-9500

CVE-2020-9500 affects some Dahua products; the vulnerability allows Denial of Service after a legal-account login by sending a specific log query, potentially causing the device to go down. The alert/guidance in connected sources is limited to describing the DoS condition without publicly disclos...

4.9CVSS5.1AI score0.01049EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/12/19 12:0 a.m.6 views

Trend Micro ScanMail for Exchange Log Query and Quarantine Query Page Cross-Site Scripting Vulnerability

Trend Micro ScanMail for Exchange is a mail firewall solution developed and maintained by Trend Micro that is designed to protect Exchange mail servers from viruses, spyware and spam threats. A cross-site scripting vulnerability exists in the Log Query and Quarantine Query pages in Trend Micro...

6.1CVSS6.3AI score0.01036EPSS
Exploits1References1
OSV
OSV
added 2017/12/16 2:29 a.m.5 views

CVE-2017-14093

The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting XSS attacks...

6.1CVSS5.2AI score
Exploits0References2
Prion
Prion
added 2017/12/16 2:29 a.m.16 views

Cross site scripting

The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting XSS attacks...

4.3CVSS6.5AI score0.01036EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2017/12/15 2:0 p.m.20 views

CVE-2017-14093

The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting XSS attacks...

7.3AI score0.01036EPSS
Exploits1References2
CVE
CVE
added 2017/12/15 2:0 p.m.57 views

CVE-2017-14093

Trend Micro ScanMail for Exchange 12.x (SMEX) contains a cross-site scripting vulnerability (CVE-2017-14093) in the Web-based Logs and Quarantine Query pages. The root cause is improper input handling on the logs/ Quarantine pages, allowing injected script via parameters such as optRemoteLog, txt...

6.1CVSS7.2AI score0.01036EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2017/05/03 12:0 a.m.6 views

Trend Micro Threat Discovery Appliance Arbitrary Code Execution Vulnerability (CNVD-2017-06834)

The Trend Micro Threat Discovery Appliance TDA is a threat discovery appliance with integrated cloud security technology from Trend Micro. The appliance provides detection of malicious activity at the network layer, threat management services, and threat analysis and reporting. A security...

9CVSS8AI score0.05737EPSS
Exploits5References1
CNVD
CNVD
added 2017/05/03 12:0 a.m.4 views

Trend Micro Threat Discovery Appliance Arbitrary Code Execution Vulnerability (CNVD-2017-06832)

The Trend Micro Threat Discovery Appliance TDA is a threat discovery appliance with integrated cloud security technology from Trend Micro. The appliance provides detection of malicious activity at the network layer, threat management services, and threat analysis and reporting. A security...

9CVSS8AI score0.06247EPSS
Exploits5References1
Prion
Prion
added 2017/03/03 3:59 p.m.12 views

Sql injection

SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...

7.5CVSS9AI score0.02082EPSS
Exploits2References2Affected Software1
UbuntuCve
UbuntuCve
added 2017/03/03 3:59 p.m.24 views

CVE-2016-10204

SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...

9.8CVSS7.5AI score0.02082EPSS
Exploits2References4
OSV
OSV
added 2017/03/03 3:59 p.m.4 views

DEBIAN-CVE-2016-10204

SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...

9.8CVSS9.3AI score0.02082EPSS
Exploits2References1
OSV
OSV
added 2017/03/03 3:59 p.m.22 views

CVE-2016-10204

SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...

9.8CVSS8.6AI score
Exploits0References2
Debian CVE
Debian CVE
added 2017/03/03 3:0 p.m.41 views

CVE-2016-10204

SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...

9.8CVSS7.5AI score0.02082EPSS
Exploits2
Rows per page
Query Builder