Airtel 707GR1 Cross-Site Scripting Vulnerability
The Airtel 707GR1 is a wireless router from Airtel. The Airtel 707GR1 suffers from a cross-site scripting vulnerability that stems from the presence of an unknown function in the component Ping Diagnostics that leads to cross-site scripting via the Host Address parameter...
Ping Identity PingFederate Authorization Issues Vulnerability
Ping Identity PingFederate is a flagship software-based federation server in the United States, used for identity management. A security vulnerability exists in Ping Identity PingFederate that stems from the possibility of bypassing authentication under certain configurations...
Ping Identity PingFederate Access Control Error Vulnerability
Ping Identity PingFederate is a flagship software-based federation server in the United States, used for identity management. Ping Identity PingFederate suffers from a security vulnerability that stems from the use of the PingOne MFA Adapter to pair new MFA devices without the need for second-factor...
PT-2023-25882 · Ping Identity · Pingfederate Identifier First Adapter
Name of the Vulnerable Software and Affected Versions: PingFederate Identifier First Adapter (affected versions not specified). Description: The issue allows for authentication bypass under a very specific and highly unrecommended configuration in the PingFederate Identifier First Adapter...
CVE-2023-46059
Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...
Geeklog Cross-Site Scripting Vulnerability
Geeklog is open source software that can be used as a weblog, CMS or web portal. Geeklog v2.2.2 has a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data; a remote attacker...
CVE-2023-46055
An issue in ThingNario Photon v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the ping function to the "thingnario Logger Maintenance Webpage" endpoint...
Code injection
An issue in ThingNario Photon v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the ping function to the "thingnario Logger Maintenance Webpage" endpoint...
PT-2023-29814 · Unknown · Thingnario Photon
Name of the Vulnerable Software and Affected Versions: ThingNario Photon version 1.0. Description: An issue in the software allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the ping function at the "thingnario Logger Maintenance Webpage" endpoint...
PT-2023-6355 · Connectize · Connectize Ac21000 G6
Name of the Vulnerable Software and Affected Versions: Connectize AC21000 G6 version 641.139.1.1256. Description: An issue in the Connectize AC21000 G6 allows attackers to run arbitrary commands via a crafted string in the ping utility. The vulnerability is caused by weaknesses in the authorizatio...
CVE-2023-43959
An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request to the ping function of the diagnostic component...
Design/Logic Flaw
An issue in YeaLinkSIP-T19P-E2 v.53.84.0.15 allows a remote privileged attacker to execute arbitrary code via a crafted request to the ping function of the diagnostic component...
YeaLink SIP-T19P-E2 OS Command Injection Vulnerability
YeaLink SIP-T19P-E2 is a VoIP phone from China's YeaLink. A security vulnerability exists in YeaLink SIP-T19P-E2 version v.53.84.0.15 that allows a privileged attacker to execute arbitrary code via a specially crafted request to the ping feature of the...