16 matches found
EUVD-2008-6831
Malware in sbrugna...
EUVD-2008-7039
Malware in sbrugna...
EUVD-2007-0083
Malware in sbrugna...
EUVD-2024-25498
Malicious code in bioql PyPI...
CVE-2025-58457
Improper permission check in ZooKeeper AdminServer lets authorized clients to run snapshot and restore command with insufficient permissions. This issue affects Apache ZooKeeper: from 3.9.0 before 3.9.4. Users are recommended to upgrade to version 3.9.4, which fixes the issue. The issue can be...
CVE-2024-28401
TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting XSS vulnerability in Root Access Control under the Wireless Page...
The vulnerability of the Root Access Control component of the Totolink X2000R microprogramming system allows attackers to carry out cross-site scripting attacks.
The vulnerability of the Root Access Control component of the Totolink X2000R microprogramming system for routers is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
CVE-2024-28401
TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting XSS vulnerability in Root Access Control under the Wireless Page...
CVE-2024-28401
TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting XSS vulnerability in Root Access Control under the Wireless Page...
CVE-2024-28401
TOTOLINK X2000R firmware before v1.0.0-B20231213.1013 contains a Store Cross-site Scripting (XSS) vulnerability in Root Access Control under the Wireless Page. The issue arises from inadequate input validation/escaping of user-supplied data, enabling an attacker to inject arbitrary web script or ...
CVE-2024-28401
TOTOLINK X2000R before v1.0.0-B20231213.1013 contains a Store Cross-site scripting XSS vulnerability in Root Access Control under the Wireless Page...
WANGKONGBAO CNS-1000 UTM IPS-FW - Directory Traversal (Metasploit)
Exploit Title: WANGKONGBAO CNS-1000 and 1100 Network Security Platform UTM Directory Traversal Date: 7/2/2012 Exploit Author: Dillon Beresford Vendor Homepage: http://www.wangkongbao.com/products.html Version: CNS-1000 and 1100 The issue is in the /src/acloglogin.php langid and lang parameters...
CVE-2008-6387
Quick Tree View .NET 3.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request to qtv.mdb...
CVE-2008-5603
ASPTicker 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file via a direct request for news.mdb...
CVE-2006-5316
registroTL stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for /usuarios.dat...
FreeBSD Ports Security Advisory FreeBSD-SA-01:27.cfengine
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:27 Security Advisory FreeBSD, Inc. Topic: cfengine port contains remote root vulnerability Category: ports Module: cfengine Announced: 2001-03-12 Credits: Pekka Savola...