Lucene search

24 matches found

Vulnrichment
added 2024/06/26 5:25 a.m., 14 views

CVE-2024-4105

A vulnerability has been found in FAST/TOOLS and CI Server. The affected product's WEB HMI server's function to process HTTP requests has a security flaw Reflected XSS that allows the execution of malicious scripts. Therefore, if a client PC with inadequate security measures accesses a product UR...

CVSS 5.8, AI score 6.9, EPSS 0.00477
Exploits: 0, References: 1

CVE
added 2024/06/26 5:25 a.m., 50 views

CVE-2024-4105

CVE-2024-4105 affects Yokogawa FAST/TOOLS and CI Server. The issue is a reflected XSS in the WEB HMI server when processing HTTP requests, which could allow a malicious script to execute in a client browser. Affected products/versions: FAST/TOOLS RVSVRN/UNSVRN/HMIWEB/FTEES/HMIMOB (R9.01–R10.04) a...

CVSS 5.8, AI score 6.9, EPSS 0.00477
Exploits: 0, References: 1

Talos
added 2022/10/14 12:0 a.m., 51 views

Robustel R1510 web_server /action/import_authorized_keys/ OS command injection vulnerability

Talos Vulnerability Report TALOS-2022-1578 Robustel R1510 web_server /action/import_authorized_keys/ OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-34850 SUMMARY An OS command injection vulnerability exists in the web_server /action/import_authorized_keys/ functionality of...

CVSS 9.1, AI score 8, EPSS 0.0338
Exploits: 1

Talos
added 2022/08/01 12:0 a.m., 52 views

TCL LinkHub Mesh Wifi confctl_get_guest_wlan information disclosure vulnerability

Talos Vulnerability Report TALOS-2022-1503 TCL LinkHub Mesh Wifi confctl_get_guest_wlan information disclosure vulnerability August 1, 2022 CVE Number CVE-2022-27633 SUMMARY An information disclosure vulnerability exists in the confctl_get_guest_wlan functionality of TCL LinkHub Mesh Wifi MS1G0001.0014...

CVSS 7.5, AI score 6.7, EPSS 0.0077
Exploits: 1

OSV
added 2020/07/05 4:15 p.m., 4 views

CVE-2020-15537

An issue was discovered in the Vanguard plugin 2.1 for WordPress. XSS can occur via the mails/new title field, a product field to the p/ URI, or the Products Search box...

CVSS 6.1, AI score 5.8, EPSS 0.01167
Exploits: 2, References: 2

Talos
added 2019/03/09 12:0 a.m., 58 views

WAGO e!COCKPIT Firmware Downgrade Vulnerability

Summary An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software. A specially crafted firmware update file can allow an attacker to install an older firmware version while the user thinks a newer firmware version...

CVSS 7.8, AI score 7.8, EPSS 0.01114
Exploits: 0

Talos
added 2018/11/19 12:0 a.m., 356 views

TP-Link TL-R600VPN HTTP server ping address remote code execution vulnerability

Summary An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN http server. A specially crafted IP address can cause a stack overflow, resulting in remote code execution. An attacker can send a single authenticated HTTP request to...

CVSS 8.8, AI score 8.2, EPSS 0.02917
Exploits: 1

Openbugbounty
added 2018/05/21 7:9 p.m., 8 views

concordtoys.net XSS vulnerability

Open Bug Bounty ID: OBB-619763

| Description | Value |
|---|---|
| Affected Website: | concordtoys.net |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

Exploits: 0

Talos
added 2018/04/04 12:0 a.m., 101 views

Natus Xltek EEG NeuroWorks SavePatientMontage Code Execution Vulnerability

Summary An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability. Teste...

CVSS 9.8, AI score 9.7, EPSS 0.02314
Exploits: 0

seebug.org
added 2017/09/19 12:0 a.m., 44 views

Lexmark Perceptive Document Filters XLS ShapeHLink Information Disclosure Vulnerability(CVE-2017-2806)

Summary An exploitable arbitrary read exists in the XLS parsing of the Lexmark Perceptive Document Filters conversion functionality. A crafted XLS document can lead to an arbitrary read resulting in memory disclosure. The vulnerability was confirmed on versions 11.3.0.2228 and 11.3.0.2400 Tested...

CVSS 4.3, AI score 4.7, EPSS 0.00908
Exploits: 2

seebug.org
added 2017/09/12 12:0 a.m., 39 views

Lexmark Perceptive Document Filters PDF GfxFont Code Execution Vulnerability(CVE-2017-2821)

Summary An exploitable use-after-free exists in the PDF parsing functionality of the Lexmark Perceptive Document Filters 11.3.0.2400 and 11.4.0.2452. A crafted PDF document can lead to a use-after-free resulting in direct code execution. Tested Versions Lexmark Perceptive Document Filters...

CVSS 6.8, AI score 9.3, EPSS 0.02303
Exploits: 1

Openbugbounty
added 2017/06/29 2:8 p.m., 11 views

truck.uapac.com XSS vulnerability

Vulnerable URL: http://truck.uapac.com/product?cid=1"...

AI score 6.9
Exploits: 0

Openbugbounty
added 2017/06/26 8:20 a.m., 9 views

dancefavourite.com XSS vulnerability

Vulnerable URL: http://www.dancefavourite.com/Product.asp?small=1/-///'/"//--...

AI score 6.9
Exploits: 0

Openbugbounty
added 2017/06/20 2:29 p.m., 6 views

greenpatio.com XSS vulnerability

Vulnerable URL: http://www.greenpatio.com/cgi-bin/store/agora.cgi?product=Groundcover=...

AI score 6.9
Exploits: 0

Openbugbounty
added 2017/06/20 1:34 p.m., 11 views

thebridgehk.com XSS vulnerability

Vulnerable URL: http://thebridgehk.com/ein/Product.asp?men=480=1=1/-///'/"//--...

AI score 6.9
Exploits: 0

Openbugbounty
added 2017/06/17 2:49 p.m., 11 views

geminijets.com XSS vulnerability

Vulnerable URL: http://www.geminijets.com/database/index.php?rproduct=1/-///'/"//--...

AI score 6.9
Exploits: 0

Packet Storm
added 2016/12/13 12:0 a.m., 56 views

Joomla DT Register SQL Injection

Title: SQL injection in Joomla extension DT Register Credit: Elar Lang / https://security.elarlang.eu Vulnerability: SQL injection Vulnerable version: before 3.1.12 Joomla 3.x / 2.8.18 Joomla 2.5 CVE: pending Full Disclosure URL:...

Exploits: 0

Exploit DB
added 2016/12/13 12:0 a.m., 52 views

Joomla! Component DT Register - 'cat' SQL Injection

Title: SQL injection in Joomla extension DT Register Credit: Elar Lang / https://security.elarlang.eu Vulnerability: SQL injection Vulnerable version: before 3.1.12 Joomla 3.x / 2.8.18 Joomla 2.5 CVE: pending Full Disclosure URL:...

AI score 7.4
Exploits: 0

Exploit DB
added 2016/09/27 12:0 a.m., 34 views

TP-Link Archer CR-700 - Cross-Site Scripting

Exploit Title: TP-Link Archer CR-700 XSS vulnerability Google Dork: N/A Date: 09/07/2016 Exploit Author: Ayushman Dutta Vendor Homepage: http://www.tp-link.us/ Software Link: N/A Version: 1.0.6 REQUIRED Tested on: Linux CVE : N/A Exploit Information:...

AI score 7.4
Exploits: 0

exploitpack
added 2016/09/27 12:0 a.m., 19 views

TP-Link Archer CR-700 - Cross-Site Scripting

TP-Link Archer CR-700 - Cross-Site Scripting Exploit Title: TP-Link Archer CR-700 XSS vulnerability Google Dork: N/A Date: 09/07/2016 Exploit Author: Ayushman Dutta Vendor Homepage: http://www.tp-link.us/ Software Link: N/A Version: 1.0.6 REQUIRED Tested on: Linux CVE : N/A Exploit Information:...

AI score 6.8
Exploits: 0