2 matches found
CVE-2025-43716
CVE-2025-43716 describes a directory traversal in Ivanti LANDesk Management Gateway up to version 4.2-1.9. By appending “%3F.php” to the URI of /client/index.php, an attacker can bypass access controls and access endpoints such as /client/index.php%3F.php/gsb/firewall.php in the management web pa...
NETGEAR JGS516PE/GS116Ev2 Cross-Site Scripting Vulnerability
The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. A cross-site scripting vulnerability exists in the management web panel of the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML via the...