70 matches found
EUVD-2014-4237
Malware in sbrugna...
EUVD-2012-6596
Malware in sbrugna...
EUVD-2014-7067
Malware in sbrugna...
EUVD-2011-1101
Malware in sbrugna...
CVE-2012-10040
Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the...
CVE-2012-10040
Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the...
CVE-2012-10040
Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the...
CVE-2012-10040 Openfiler v2.x NetworkCard Command Execution
Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the...
CVE-2012-10040 Openfiler v2.x NetworkCard Command Execution
Openfiler v2.x contains a command injection vulnerability in the system.html page. The device parameter is used to instantiate a NetworkCard object, whose constructor in network.inc calls exec with unsanitized input. An authenticated attacker can exploit this to execute arbitrary commands as the...
CVE-2012-10040
Openfiler v2.x has a command-injection in the system.html page where the device parameter constructs a NetworkCard object and its constructor calls exec() with unsanitized input. An authenticated attacker can run arbitrary commands as the openfiler user; due to misconfigured sudoers, this user ca...
Openfiler 安全漏洞
Openfiler is provides an easy way to deploy and manage network storage. A security vulnerability exists in Openfiler version 2.x, which stems from the device parameter being passed directly to the exec function without validation, which could lead to remote code execution and elevation of privile...
CVE-2023-49488
A cross-site scripting XSS vulnerability in Openfiler ESA v2.99.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the nic parameter...
CVE-2011-1086
Cross-site scripting XSS vulnerability in admin/system.html in Openfiler 2.3 allows remote attackers to inject arbitrary web script or HTML via the device parameter...
CVE-2014-4309
Multiple cross-site scripting XSS vulnerabilities in Openfiler 2.99 allow remote attackers to inject arbitrary web script or HTML via the 1 TinkerAjax parameter to uptime.html, or remote authenticated users to inject arbitrary web script or HTML via the 2 MaxInstances, 3 PassivePorts, 4 Port, 5...
CVE-2023-49488
A cross-site scripting XSS vulnerability in Openfiler ESA v2.99.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the nic parameter...
CVE-2023-49488
A cross-site scripting XSS vulnerability in Openfiler ESA v2.99.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the nic parameter...
CVE-2023-49488
A cross-site scripting XSS vulnerability in Openfiler ESA v2.99.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the nic parameter...
Cross site scripting
A cross-site scripting XSS vulnerability in Openfiler ESA v2.99.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the nic parameter...
CVE-2023-49488
CVE-2023-49488 describes a cross-site scripting (XSS) vulnerability in Openfiler ESA v2.99.1. The issue permits injection of crafted payloads into the nic parameter to execute arbitrary web scripts or HTML. Documented impacts are user interaction is required and affected confidentiality/ integrit...
Openfiler Security Vulnerability
Openfiler is provides an easy way to deploy and manage networked storage. A security vulnerability exists in Openfiler ESA version v2.99.1. An attacker can exploit this vulnerability to execute arbitrary web script or HTML by injecting a specially crafted payload into the nic parameter...