58 matches found
VulnCheck KEV: CVE-2021-24295
It was possible to exploit an Unauthenticated Time-Based Blind SQL Injection vulnerability in the Spam protection, AntiSpam, FireWall by CleanTalk WordPress Plugin before 5.153.4. The updatelog function in lib/Cleantalk/ApbctWP/Firewall/SFW.php included a vulnerable query that could be...
Multiple Dahua Products Input Validation Error Vulnerability (CNVD-2020-22980)
Dahua SD6AL Series and so on are the products of Dahua, China.SD6AL Series is a network camera of SD6AL series.NVR 5x Series is a network video recorder of 5x series.IPC-HX2XXX Series is a network camera of IPC-HX2XXX series.NVR 5x Series is a network video recorder of 5x series.NVR 5x Series is ...
CVE-2020-9500
Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down...
CVE-2020-9500
Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down...
CVE-2020-9500
Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the legal account, the attacker sends a specific log query command, which may cause the device to go down...
CVE-2020-9500
CVE-2020-9500 affects some Dahua products; the vulnerability allows Denial of Service after a legal-account login by sending a specific log query, potentially causing the device to go down. The alert/guidance in connected sources is limited to describing the DoS condition without publicly disclos...
Trend Micro ScanMail for Exchange Log Query and Quarantine Query Page Cross-Site Scripting Vulnerability
Trend Micro ScanMail for Exchange is a mail firewall solution developed and maintained by Trend Micro that is designed to protect Exchange mail servers from viruses, spyware and spam threats. A cross-site scripting vulnerability exists in the Log Query and Quarantine Query pages in Trend Micro...
CVE-2017-14093
The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting XSS attacks...
Cross site scripting
The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting XSS attacks...
CVE-2017-14093
The Log Query and Quarantine Query pages in Trend Micro ScanMail for Exchange 12.0 are vulnerable to cross site scripting XSS attacks...
CVE-2017-14093
Trend Micro ScanMail for Exchange 12.x (SMEX) contains a cross-site scripting vulnerability (CVE-2017-14093) in the Web-based Logs and Quarantine Query pages. The root cause is improper input handling on the logs/ Quarantine pages, allowing injected script via parameters such as optRemoteLog, txt...
Trend Micro Threat Discovery Appliance Arbitrary Code Execution Vulnerability (CNVD-2017-06834)
The Trend Micro Threat Discovery Appliance TDA is a threat discovery appliance with integrated cloud security technology from Trend Micro. The appliance provides detection of malicious activity at the network layer, threat management services, and threat analysis and reporting. A security...
Trend Micro Threat Discovery Appliance Arbitrary Code Execution Vulnerability (CNVD-2017-06832)
The Trend Micro Threat Discovery Appliance TDA is a threat discovery appliance with integrated cloud security technology from Trend Micro. The appliance provides detection of malicious activity at the network layer, threat management services, and threat analysis and reporting. A security...
Sql injection
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...
CVE-2016-10204
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...
DEBIAN-CVE-2016-10204
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...
CVE-2016-10204
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...
CVE-2016-10204
SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php...