112 matches found
D-Link DIR-Series Routers - '/model/__show_info.php' Local File Disclosure
source: https://www.securityfocus.com/bid/64043/info Multiple D-Link DIR series routers are prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information...
Microsoft SharePoint Foundation Remote Code Execution vulnerability (2885089)
This host is missing an important security update according to Microsoft Bulletin MS13-084. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
davfs2 1.4.6/1.4.7 - Local Privilege Escalation
davfs2 1.4.6/1.4.7 local privilege escalation exploit Bug Description: davfs2 is a Linux utility which allows OS users to mount a remote webdav server as a local partition. The bug is well documented at...
Multiple Zoom Telephonics Devices Multiple Security Vulnerabilities (Aug 2013) - Active Check
Multiple Zoom Telephonics devices are prone to an information disclosure vulnerability, an authentication bypass vulnerability and an SQL injection (SQLi) vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright ...
Batavi - index.php Cross-Site Scripting
source: https://www.securityfocus.com/bid/58151/info Batavi is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an...
php-Charts <= 1.0 RCE Vulnerability - Active Check
php-Charts is prone to an arbitrary PHP code execution vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Symantec Messaging Gateway < 10.0 CSRF Vulnerability
Symantec Messaging Gateway is prone to a cross-site request forgery (CSRF) vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Symphony Multiple Remote Security Vulnerabilities
Symphony is prone to multiple remote security vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Toshiba ConfigFree CF7 File Stack Buffer Overflow (ProfileName)
Summary: There is a stack buffer overflow vulnerability in t...
Vivotek Network Cameras Information Disclosure Vulnerability - Active Check
Vivotek Network Cameras are prone to an information disclosure vulnerability. Copyright (C) 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...
ManageEngine Firewall Analyzer 7.2 - 'fw/syslogViewer.do?port' Cross-Site Scripting
source: https://www.securityfocus.com/bid/52841/info Firewall Analyzer is prone to multiple cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the...
EasyPHP - 'main.php' SQL Injection
source: https://www.securityfocus.com/bid/52781/info EasyPHP is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modif...
EditWrxLite CMS RCE Vulnerability (Feb 2012) - Active Check
EditWrxLite CMS is prone to a remote command execution (RCE) vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
project-open 3.4.x - account-closed.tcl Cross-Site Scripting
source: https://www.securityfocus.com/bid/51842/info project-open is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary...
ExpressView Browser Plugin 6.5.0.3330 - Multiple Integer Overflow Remote Code Execution Vulnerabilities
source: https://www.securityfocus.com/bid/51367/info ExpressView Browser Plug-in is prone to multiple integer overflow and remote code-execution vulnerabilities. Successful attacks will allow...
Wireshark - Buffer Underflow / Denial of Service
source: https://www.securityfocus.com/bid/51710/info Wireshark is prone to a buffer-underflow vulnerability and multiple denial-of-service vulnerabilities. Remote attackers can exploit these issues to execute arbitrary code in the context of the application or cause denial-of-service conditions...
eFront <= 3.6.10 build 11944 Multiple XSS Vulnerabilities
eFront is prone to multiple cross-site scripting (XSS) vulnerabilities because the software fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right...
ProjectForum 7.0.1 3038 - 'more' Object HTML Injection
source: https://www.securityfocus.com/bid/49895/info ProjectForum is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of th...
Cogent DataHub Multiple Vulnerabilities - Active Check
Cogent DataHub is prone to a directory traversal vulnerability, an information disclosure vulnerability and to multiple buffer-overflow and integer-overflow vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are...
Lasernet CMS <= 1.5 SQLi Vulnerability - Active Check
Lasernet CMS is prone to an SQL injection (SQLi) vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...