CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-16725

Malware in sbrugna...

5.4CVSS5.6AI score0.00206EPSS

Exploits1References2

OpenVAS•added 2020/11/04 12:0 a.m.•15 views

NeDi <= 1.9C Multiple XSS Vulnerabilities

NeDi is prone to multiple cross-site scripting XSS vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

6.1AI score

Exploits0References2

OSV•added 2020/11/02 10:15 p.m.•1 views

CVE-2020-23989

NeDi 1.9C allows pwsec.php oid XSS...

5.4CVSS6.1AI score0.00206EPSS

Exploits1References1

NVD•added 2020/11/02 10:15 p.m.•10 views

CVE-2020-23989

NeDi 1.9C allows pwsec.php oid XSS...

5.4CVSS5.6AI score0.00206EPSS

Exploits1References1

Prion•added 2020/11/02 10:15 p.m.•13 views

Cross site scripting

NeDi 1.9C allows pwsec.php oid XSS...

3.5CVSS5.6AI score0.00206EPSS

Exploits1References1Affected Software1

Cvelist•added 2020/11/02 9:49 p.m.•14 views

CVE-2020-23989

NeDi 1.9C allows pwsec.php oid XSS...

5.5AI score0.00206EPSS

Exploits1References1

CVE•added 2020/11/02 9:49 p.m.•40 views

CVE-2020-23989

NeDi 1.9C contains a cross-site scripting vulnerability in pwsec.php (XSS via pwsec.php oid). The CVE entry CVE-2020-23989 documents a pwsec.php oid XSS affecting NeDi 1.9C. Connected sources (CNVD-2020-62487, OPENVAS) corroborate multiple XSS vulnerabilities in NeDi

5.4CVSS5.5AI score0.00206EPSS

Exploits1References1Affected Software1

CNVD•added 2020/06/30 12:0 a.m.•0 views

NeDi Consulting Unspecified Vulnerability in NeDi

NeDi Consulting NeDi is a suite of open source software that supports the discovery and mapping of network devices from the Swiss company NeDi Consulting. A security vulnerability exists in NeDi Consulting NeDi version 1.9C, which stems from the pwsec.php file not properly escaping shell...

9CVSS7.3AI score0.02825EPSS

Exploits0References1

NVD•added 2020/06/29 5:15 p.m.•11 views

CVE-2020-14414

NeDi 1.9C is vulnerable to Remote Command Execution. pwsec.php improperly escapes shell metacharacters from a POST request. An attacker can exploit this by crafting an arbitrary payload any system commands that contains shell metacharacters via a POST request with a pw parameter. This can also be...

9CVSS0.02825EPSS

Exploits0References1

OSV•added 2020/06/29 5:15 p.m.•0 views

CVE-2020-14414

8.8CVSS7.4AI score0.02825EPSS

Exploits0References1

Prion•added 2020/06/29 5:15 p.m.•13 views

Cross site request forgery (csrf)

9CVSS8.7AI score0.02825EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/06/29 4:41 p.m.•11 views

CVE-2020-14414

8.8AI score0.02825EPSS

Exploits0References1

CVE•added 2020/06/29 4:41 p.m.•48 views

CVE-2020-14414

CVE-2020-14414 affects NeDi 1.9C. The pwsec.php component fails to safely escape shell metacharacters in a POST request parameter (pw), leading to Remote Command Execution. An attacker can craft an arbitrary command payload containing shell metacharacters via a POST request, with CSRF potentially...

9CVSS8.6AI score0.02825EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by