16 matches found
EUVD-2014-1015
Malware in sbrugna...
EUVD-2014-0795
Malware in sbrugna...
Brilliance Golden Link Secondary System 注入漏洞
Brilliance Golden Link Secondary System is a management system from Brilliance, China. An injection vulnerability exists in Brilliance Golden Link Secondary System version 20250424 and earlier, which stems from incorrect manipulation of the parameter nodename in the file...
CVE-2019-13957
In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter...
CVE-2019-13957
In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprove/PageWApproveApi/GetInpectSearch method via the nodeName parameter...
Cross-site Scripting (XSS)
umbraco cms is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript into a victim's browser via the nodename parameter during the creation of a new page related to Umbraco.Web.UI/umbraco/dialogs/Publish.aspx.cs and...
Cross site scripting
Cross-site scripting XSS vulnerability in Umbraco CMS before 7.7.3 allows remote attackers to inject arbitrary web script or HTML via the "page name" aka nodename parameter during the creation of a new page, related to Umbraco.Web.UI/umbraco/dialogs/Publish.aspx.cs and...
CVE-2017-15279
Cross-site scripting XSS vulnerability in Umbraco CMS before 7.7.3 allows remote attackers to inject arbitrary web script or HTML via the "page name" aka nodename parameter during the creation of a new page, related to Umbraco.Web.UI/umbraco/dialogs/Publish.aspx.cs and...
(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll NodeName strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C76 IOCTL in the BwOpcTool subsystem. A stack-based buff...
CVE-2014-0985
Stack-based buffer overflow in Advantech WebAccess formerly BroadWin WebAccess 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter...
Stack overflow
Stack-based buffer overflow in Advantech WebAccess formerly BroadWin WebAccess 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter...
CVE-2014-0985
Stack-based buffer overflow in Advantech WebAccess formerly BroadWin WebAccess 7.2 allows remote attackers to execute arbitrary code via the NodeName parameter...
CVE-2014-0985
Advantech WebAccess 7.2 contains multiple stack-based buffer overflow vulnerabilities (CVE-2014-0985 through CVE-2014-0992) in ActiveX/ parsing code (notably NodeName, GotoCmd, NodeName2, AccessCode, AccessCode2, UserName, projectname, and password parameters). According to Core Security CORE-201...
Advantech WebAccess NodeName参数处理栈缓冲区溢出漏洞
CVE ID:CVE-2014-0764 Advantech WebAccess HMI/SCADA是一款HMI/SCADA软件。 Advantech WebAccess处理NodeName参数时不正确过滤用户输入,允许远程攻击者利用漏洞提交特殊参数触发基于栈的缓冲区溢出,可使应用程序崩溃或执行任意代码。 0 Advantech WebAccess 7.1 Advantech WebAccess 7.2版本已修复该漏洞,建议用户下载使用: http://webaccess.advantech.com/...
CVE-2014-0764
By providing an overly long string to the NodeName parameter, an attacker may be able to overflow the static stack buffer. The attacker may then execute code on the target device remotely...
CVE-2014-0764
Advantech WebAccess is affected by CVE-2014-0764 due to a stack-based buffer overflow in the NodeName parameter parsing of the webvact.ocx ActiveX control. The advisory material from Core Security (CORE-2014-0005) and related sources indicate the vulnerability could allow remote code execution wh...