13 matches found
EUVD-2017-18938
Telesquare SKT LTE Router SDT-CS3B1 software version 1.2.0 contains an unauthenticated remote reboot vulnerability that allows attackers to trigger device reboot without authentication. Attackers can send POST requests to the lte.cgi endpoint with the Command=Reboot parameter to cause denial of...
EUVD-2020-25625
Malware in sbrugna...
Security Bulletin: A vulnerability has been identified in IBM Elastic Storage System GUI where authorised user can execute unauthorized function (CVE-2020-4378)
Summary: A security vulnerability has been identified in all levels of IBM Elastic Storage System 3000 GUI. A fix for this vulnerability is available. Vulnerability Details: CVEID: CVE-2020-4378. DESCRIPTION: IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to...
CVE-2020-4378
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crafted HTTP POST command. IBM X-Force ID: 179157...
CGI Script Center Account Manager 1.0 LITE / PRO Administrative Password Alteration (2)
No description provided by source. source: http://www.securityfocus.com/bid/1604/info Regardless of privilege level, any remote user can modify the administrative password for CGI Script Centers' Account Manager. In order to accomplish this, a user would access the following URL with a POST...
Wing FTP Server - Cross Site Scripting Vulnerability
Security Advisory: Wing FTP Server - Cross Site Scripting Vulnerability. Discovered Date: May 31, 2010. System affected: Wing FTP Server for Windows, Version 3.5.0 and prior version. Vulnerability Description: Wing FTP serve...
netbeware.txt
Novell Netware 6.5 Remote Manager HTML Injection Exploit Username: Password: Example -- Username: "var ex=new ActiveXObject"WScript.Shell";ex.run'cmd.exe /C ver';...
Monkey HTTP Server <= 0.5.0 DoS Vulnerability
Monkey HTTP Server is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2003 Michel Arboi. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
POST with empty Content-Length
Your web server crashes when it receives an incorrect POST command with an empty 'Content-Length:' field. A cracker may use this bug to disable your server, preventing it from publishing your information. OpenVAS Vulnerability Test $Id: monkeywebpostDoS.nasl 8023 2017-12-07 08:36:26Z teissa $...
Monkey HTTP Daemon (monkeyd) PostMethod() Function Remote Overflow
The version of Monkey web server that you are running is vulnerable to a buffer overflow on a POST command with too much data. It is possible to make this web server crash or execute arbitrary code. (C) Tenable Network Security, Inc. Ref: From: "Matthew Murphy" To: "BugTraq" Subject: Monkey HTTPd...
IPSwitch IMail 6.x/7.0.x - Web Calendaring Incomplete Post Denial of Service
source: https://www.securityfocus.com/bid/5365/info IMail is a commercial email server software package distributed and maintained by Ipswitch, Incorporated. IMail is available for Microsoft Operating Systems. When an HTTP POST command is made to the web calendaring service on port 8484, and the...
Infinite Interchange 3.61 - Denial of Service
source: https://www.securityfocus.com/bid/2140/info Infinite Interchange is a multi-function email server which supports most common internet protocols. Examples of its functions include an HTTP server and webmail interface. Unfortunately...
Mail File POST Vulnerability
MailFile v 1.10 by Oatmeal-Studios http://www.oatmeal-studios.com This Perl script enables a site's visitor to have a given file dispatched to a specified email address. The visitor is required to select the file from a given list and to enter his or her email address. The data will then be...