48 matches found
EUVD-2015-1144
Malware in sbrugna...
EUVD-2017-4268
Malware in sbrugna...
Buffer overflow
Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution. Moxa released SoftCMS version 1.4 on June 1, 2015, to address the vulnerability...
CVE-2015-6458
CVE-2015-6458 describes a heap/classic buffer overflow in Moxa SoftCMS 1.3 and earlier that may crash or allow remote code execution. Public documentation ties the issue to buffer overflow weaknesses in SoftCMS prior to version 1.4, which Moxa released on 2015-06-01 to address the vulnerability b...
Sql injection
A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability has been identified. Attackers can exploit this vulnerability to access SoftCMS without knowing the user's password...
CVE-2017-12729
A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability has been identified. Attackers can exploit this vulnerability to access SoftCMS without knowing the user's password...
CVE-2017-12729
A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability has been identified. Attackers can exploit this vulnerability to access SoftCMS without knowing the user's password...
CVE-2017-12729
CVE-2017-12729 is a SQL Injection vulnerability in Moxa SoftCMS Live Viewer (versions up to 1.6). The root cause is improper neutralization of special elements in SQL commands, allowing an unauthenticated attacker to access SoftCMS without a password. The ICS-CERT advisory confirms affected versi...
CVE-2016-9333
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's privilege through specially crafted input SQL INJECTION...
CVE-2016-9333
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's privilege through specially crafted input SQL INJECTION...
Double free
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an attacker to modify memory locations and possibly cause a denial of service or the execution of...
Sql injection
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's privilege through specially crafted input SQL INJECTION...
Race condition
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result in a denial-of-service condition...
CVE-2016-8360
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an attacker to modify memory locations and possibly cause a denial of service or the execution of...
CVE-2016-8360
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an attacker to modify memory locations and possibly cause a denial of service or the execution of...
CVE-2016-8360
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an attacker to modify memory locations and possibly cause a denial of service or the execution of...
CVE-2016-9332
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. Moxa SoftCMS Webserver does not properly validate input. An attacker could provide unexpected values and cause the program to crash or excessive consumption of resources could result in a denial-of-service condition...
CVE-2016-9333
An issue was discovered in Moxa SoftCMS versions prior to Version 1.6. The SoftCMS Application does not properly sanitize input that may allow a remote attacker access to SoftCMS with administrator's privilege through specially crafted input SQL INJECTION...
CVE-2016-8360
CVE-2016-8360 affects Moxa SoftCMS Webserver in versions before 1.6. A specially crafted URL request can trigger a double-free condition, enabling memory corruption that could lead to denial of service or arbitrary code execution. Severity is high (CVSSv3 base 8.1) with network access required an...
CVE-2016-9332
CVE-2016-9332 affects Moxa SoftCMS Webserver prior to version 1.6. The vulnerability stems from improper input validation in the ASP Webserver, allowing an attacker to provide unexpected values that can crash the application or cause excessive resource consumption, potentially leading to a denial...