666 matches found
CVE-2003-1507
Planet Technology WGSD-1020 and WSW-2401 Ethernet switches expose a default superuser account with the password “planet,” enabling remote administrators to gain full control. The vulnerability is described consistently across CVE records and NVD entries, with a base CVSS2 score of 10.0 (high impa...
CVE-2003-1507
Planet Technology WGSD-1020 and WSW-2401 Ethernet switches use a default "superuser" account with the "planet" password, which allows remote attackers to gain administrative access...
Unfixed XSS vulnerability at search.lonelyplanet.com
Security researcher kaksii, has submitted on 17/09/2007 a cross-site-scripting XSS vulnerability affecting search.lonelyplanet.com, which at the time of submission ranked 3593 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 20/09/2007. It is...
Design/Logic Flaw
The administration interface in the Planet VC-200M VDSL2 router allows remote attackers to cause a denial of service administration interface outage via an HTTP request without a Host header...
CVE-2007-4477
The administration interface in the Planet VC-200M VDSL2 router allows remote attackers to cause a denial of service administration interface outage via an HTTP request without a Host header...
CVE-2007-4477
CVE-2007-4477 affects the Planet VC-200M VDSL2 router. The vulnerability is in the administration interface where an HTTP request without a Host header can cause a denial of service (administration outage). Documented impact from NVD indicates availability impact (PARTIAL). Exploitation details a...
CVE-2007-4477
The administration interface in the Planet VC-200M VDSL2 router allows remote attackers to cause a denial of service administration interface outage via an HTTP request without a Host header...
Planet VC-200M DSL router DoS
Inaccessible administration interface on HTTP GET request with missed Host: header...
Planet VC-200M
Hello 3APA3A! Вот багу нашел, вендор откровенно тупит, похоже не хочет возится с прошивкой, по сему просьба опубликовать, может зачешутся... Planet VC-200M VDSL2 router Built in HTTP-server failure, if "Host:" header absent in HTTP-query. The further remote administration is impossible. Встроенны...
Unfixed XSS vulnerability at www.planet-source-code.com
Security researcher iNs uNkn0wn.eu CreW, has submitted on 02/10/2007 a cross-site-scripting XSS vulnerability affecting www.planet-source-code.com, which at the time of submission ranked 16329 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on...
gb03-db.txt
Discovered by:Aria-Security Team Type:Remote Password Disclosure Download: http://www.planet-source-code.com/vb/scripts/ShowCode.asp?lngWId=4&txtCodeId=6847 PoC: target/path/db/gbook.mdb target/path/db/gbook97.mdb Contact: [email protected]...
CVE-2006-3553
PlaNet Concept planetNews allows remote attackers to bypass authentication and execute arbitrary code via a direct request to news/admin/planetnews.php...
CVE-2006-3553
PlaNet Concept planetNews allows remote attackers to bypass authentication and execute arbitrary code via a direct request to news/admin/planetnews.php...
CVE-2006-3553
The CVE-2006-3553 entry concerns PlaNet Concept planetNews. The vulnerability enables remote attackers to bypass authentication and execute arbitrary code via a direct request to news/admin/planetnews.php. This is the core flaw described in the public description. Connected documents do not suppl...
CVE-2006-2338
PlaNet Concept plaNetStat 20050127 allows remote attackers to gain administrative privileges, and view and configure log files, via a direct request to the 1 admin.php or 2 settings.php page...
Design/Logic Flaw
PlaNet Concept plaNetStat 20050127 allows remote attackers to gain administrative privileges, and view and configure log files, via a direct request to the 1 admin.php or 2 settings.php page...
CVE-2006-2338
PlaNet Concept plaNetStat 20050127 allows remote attackers to gain administrative privileges, and view and configure log files, via a direct request to the 1 admin.php or 2 settings.php page...
CVE-2006-2338
The CVE-2006-2338 issue affects PlaNet Concept plaNetStat (20050127). It allows remote attackers to gain administrative privileges and view/config log files by directly requesting admin.php or settings.php. The connected documents confirm the vulnerability details and impact; no remediation or ex...
planetSearch+ - XSS Vulnerabilities
planetSearch+ - XSS Vulnerabilities -------------------------------------------------------- Software: planetSearch+ Version: 26.10.2005 Type: Cross Site Scripting Vulnerability Date: Apr 13 20:44:54 CEST 2006 Vendor: PlaNet Concept e.K. Page: http://www.planetc.de Risc: Low credits:...
CVE-2005-3196
Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges...