Lucene search
+L

155 matches found

0day.today
0day.today
added 2021/10/25 12:0 a.m.227 views

Engineers Online Portal 1.0 - (id) SQL Injection Vulnerability

Exploit Title: Engineers Online Portal 1.0 - 'id' SQL Injection Exploit Author: Alon Leviev Category: Web application Vendor Homepage: https://www.sourcecodester.com/php/13115/engineers-online-portal-php.html Software Link:...

0.4AI score
Exploits0
CNVD
CNVD
added 2021/06/07 12:0 a.m.9 views

D-Link DIR-868L Information Disclosure Vulnerability

The D-Link DIR-868L is a wireless AC1750 dual-band Gigabit cloud router. A credential disclosure vulnerability exists in the D-Link DIR-868L version 3.01. An attacker can exploit this vulnerability by decompiling the firmware to access the firmware and extract sensitive data...

7.5CVSS6.6AI score0.01354EPSS
Exploits1References1
NVD
NVD
added 2021/06/04 8:15 p.m.24 views

CVE-2020-29323

The D-link router DIR-885L-MFC 1.15b02, v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data...

7.5CVSS0.01409EPSS
Exploits1References1
Prion
Prion
added 2021/06/04 8:15 p.m.15 views

Command injection

The D-Link router DIR-880L 1.07 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data...

5CVSS7.6AI score0.01711EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2021/06/04 8:15 p.m.16 views

Design/Logic Flaw

The DLink Router DIR-895L MFC v1.21b05 is vulnerable to credentials disclosure in telnet service through decompilation of firmware, that allows an unauthenticated attacker to gain access to the firmware and to extract sensitive data...

5CVSS7.6AI score0.01073EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/06/04 12:0 a.m.7 views

D-Link DIR-868L 信息泄露漏洞

The D-Link DIR-868L is a wireless AC1750 dual-band Gigabit cloud router. A credential disclosure vulnerability exists in the D-Link DIR-868L version 3.01. An attacker can exploit this vulnerability by decompiling the firmware to access the firmware and extract sensitive data...

7.5CVSS5.6AI score0.01354EPSS
Exploits1References1
SonicWall
SonicWall
added 2021/05/28 7:3 p.m.16 views

SonicWall 802.11 Frame Aggregation and Fragmentation Vulnerabilities (FragAttacks)

Vulnerabilities in IEEE 802.11 implementation were found. These vulnerabilities could allow an attacker to inject malicious frames into legitimate WiFi traffic. The discovered vulnerabilities affect all modern security protocols of WiFi, including the latest WPA3. Successful exploitation of these...

4.6CVSS7AI score0.07604EPSS
Exploits4
OSV
OSV
added 2020/09/03 7:17 p.m.16 views

GHSA-4J54-MMMV-HJPM Malicious Package in slush-fullstack-framework

Version 0.9.2 of slush-fullstack-framework contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It'...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/09/03 7:14 p.m.12 views

GHSA-XWG3-GJXH-C8PM Malicious Package in ngx-context-menu

Version 0.0.26 of ngx-context-menu contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's also...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/09/03 7:12 p.m.22 views

GHSA-JF55-RGPX-P6RX Malicious Package in iie-viz

Version 1.0.4 of iie-viz contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's also recommended...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/09/03 7:6 p.m.7 views

GHSA-226W-6HHJ-69HP Malicious Package in cal_rd

Version 0.1.1 of rccal contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment. It's also recommended t...

9.8CVSS7.2AI score
Exploits0References1
OSV
OSV
added 2020/09/03 2:35 a.m.7 views

GHSA-48HW-37G6-3GW4 Malicious Package in mx-nested-menu

Version 0.1.30 of mx-nested-menu contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluat...

7.2AI score
Exploits0References1
OSV
OSV
added 2020/09/03 12:34 a.m.18 views

GHSA-GJC9-932X-C59P Malicious Package in leaflet-gpx

Version 1.0.1 of leaflet-gpx contained malicious code. The code when executed in the browser would enumerate password, cvc and cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation Remove the package from your environment and evaluate yo...

7.2AI score
Exploits0References1
Veracode
Veracode
added 2020/09/02 5:18 a.m.7 views

Malicious Package

oauth-validator is a malicious package. The package contains code that when executed in the browser, would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

1.5AI score
Exploits0
Veracode
Veracode
added 2020/09/02 5:13 a.m.16 views

Malicious Package

modlibrary is a malicious package. The package contains code that when executed in the browser, would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

2AI score
Exploits0
Veracode
Veracode
added 2020/09/02 2:52 a.m.9 views

Malicious Package

react-server-native is a malicious package. The library contains code that when executed in the browser, would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl=...

1.6AI score
Exploits0
Packet Storm
Packet Storm
added 2020/09/02 12:0 a.m.264 views

COVR 3902 1.01B0 Hardcoded Credentials

Title: Telnet Hardcoded Credentials Summary: The latest versions of the firmware have hardcoded default credentials that can be exploited by an unauthenticated attacker to gain privileged access to the firmware and to extract sensitive data Affected Firmware: COVR-3902REVAROUTERFIRMWAREv1.01B0 CV...

9.7AI score0.03933EPSS
Exploits3
Github Security Blog
Github Security Blog
added 2020/09/01 8:33 p.m.30 views

Malicious Package in react-server-native

Version 0.0.7 of react-server-native contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 0.0.7 of this module is found installed...

6.9AI score
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/01 8:26 p.m.13 views

GHSA-9CQ4-MHMR-84GM Malicious Package in jasmin

Version 0.0.3 of jasmin contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 0.0.3 of this module is found installed you will want...

7.1AI score
Exploits0References1
Github Security Blog
Github Security Blog
added 2020/09/01 7:53 p.m.21 views

Malicious Package in css_transform_step

Version 1.0.6 of csstransformstep contained malicious code. The code when executed in the browser would enumerate password, cvc, cardnumber fields from forms and send the extracted values to https://js-metrics.com/minjs.php?pl= Recommendation If version 1.0.6 of this module is found installed you...

6.9AI score
Exploits0References2Affected Software1
Rows per page
Query Builder