22 matches found
EUVD-2014-4967
Malware in sbrugna...
EUVD-2014-4968
Malware in sbrugna...
EUVD-2014-4969
Malware in sbrugna...
EUVD-2014-4970
Malware in sbrugna...
Microsemi Symmetricom s350i Path Traversal Vulnerability
Microsemi Symmetricom s350i is a clock server from Microsemi Corporation. web application is one of the web applications. A directory traversal vulnerability exists in the web application in Microsemi Symmetricom s350i version 2.70.15. A remote attacker could exploit the directory traversal...
Microsemi Symmetricom s350i Elevation of Privilege Vulnerability
Microsemi Symmetricom s350i is a clock server from Microsemi Corporation. A security vulnerability exists in Microsemi Symmetricom s350i version 2.70.15. A remote attacker can exploit this vulnerability to gain privileges...
CVE-2014-5070
Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page...
Design/Logic Flaw
Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page...
Directory traversal
Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a 1 ../ dot dot slash or 2 ..\ dot dot forward slash before a file name...
CVE-2014-5068
Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a 1 ../ dot dot slash or 2 ..\ dot dot forward slash before a file name...
CVE-2014-5068
Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a 1 ../ dot dot slash or 2 ..\ dot dot forward slash before a file name...
CVE-2014-5070
The CVE-2014-5070 entry affects Microsemi Symmetricom s350i clock server, version 2.70.15. The vulnerability enables remote privilege escalation where remote authenticated users can gain privileges by pushing unauthenticated users to the login page. Root cause details are not explicitly stated in...
CVE-2014-5070
Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page...
CVE-2014-5068
Summary: CVE-2014-5068 is a directory traversal vulnerability in the web application of Microsemi/Microsemi Symmetricom s350i (version 2.70.15). The issue allows remote attackers to read arbitrary files by using file name prefixes like â../â or â..\â before the target file name. The connected CNV...
Microsemi Symmetricom s350i Cross-Site Scripting Vulnerability
Microsemi Symmetricom s350i is a clock server from Microsemi Corporation. A cross-site scripting vulnerability exists in Microsemi Symmetricom s350i version 2.70.15. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
Microsemi Symmetricom s350i SQL Injection Vulnerability
Microsemi Symmetricom s350i is a clock server from Microsemi Corporation. A SQL injection vulnerability exists in the 'checkPassword' function in the Microsemi Symmetricom s350i version 2.70.15. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...
Cross site scripting
Cross-site scripting XSS vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inject arbitrary web script or HTML via vectors involving system logs...
Sql injection
SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username...
CVE-2014-5069
Cross-site scripting XSS vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inject arbitrary web script or HTML via vectors involving system logs...
CVE-2014-5071
SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username...