115 matches found
VulnCheck KEV: CVE-2013-2578
cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12sign6 allows remote attackers to execute arbitrary commands via shell metacharacters in 1 the ServerName parameter and 2 other unspecified...
CVE-2019-17607
HongCMS 3.0.0 has XSS via the install/index.php servername parameter...
Design/Logic Flaw
HongCMS 3.0.0 has XSS via the install/index.php servername parameter...
CVE-2019-17607
HongCMS 3.0.0 has XSS via the install/index.php servername parameter...
CVE-2019-17607
CVE-2019-17607 affects HongCMS 3.0.0 with a cross-site scripting (XSS) vulnerability exploitable via the install/index.php servername parameter. Reported impact in CNVD/NVD notes client-side code execution; the CNVD entry explicitly describes XSS, while the NVD entry summarizes the risk. The avai...
BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution
BEWARD N100 H.264 VGA IP Camera M2.1.6 Root Remote Code Execution Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more efficient compression format is optimized for low-speed networks...
riftgoldshop.com XSS vulnerability
Vulnerable URL: http://www.riftgoldshop.com/selectserver-usd.asp?ServerName="'--!confirm/OPENBUGBOUNTY/...
Eisbär SCADA (All Versions) - Persistent UI Vulnerability
Document Title: =============== Eisbär SCADA All Versions - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1456 Release Date: ============= 2015-05-19 Vulnerability Laboratory ID VL-ID: ==================================== 14...
Samba 3.6.2 (x86) - Denial of Service (PoC)
Samba 3.6.2 x86 - Denial of Service PoC !/usr/bin/python """ Exploit for Samba vulnerabilty CVE-2015-0240 by sleepya The exploit only targets vulnerable x86 smbd 3.6.24 which 'creds' is controlled by ReferentID field of PrimaryName ServerName. That means 'talloczero' in libtalloc does not write a...
X (Formerly Twitter): XSS platform.twitter.com | video-js metadata
https://platform.twitter.com/video/video-js.1e43b81a2f30220a16fd493aaf072451.swf VideoJS does not escape metadata passed to JavaScript via ExternalInterface. Since VideoJS does not load a required policy file to read metadata from mp3s loaded from an external server via http we need to use rtmp...
DEBIAN-CVE-2014-6060
The getoption function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHOOPTIONSOVERLOADED option in the 1 bootfile or 2 servername section, which triggers the option to be processed again...
UBUNTU-CVE-2014-6060
The getoption function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHOOPTIONSOVERLOADED option in the 1 bootfile or 2 servername section, which triggers the option to be processed again...
XSS Bug in printable link display
A Cross sites scripting vulnerability exists in macro used to render the 'printable' link. Here is an exploit for the vulnerability that works https://servername/wiki/display/a/2007/09/%22%3E%3Cscript%3Ealert'Watchfire%20XSS%20Test%20Successful'%3C/script%3E Bug was found using APPScan...
CVE-2007-3011
The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter...
cpanel10-xss.txt
Aria-Security Team Advisory Original Advisory : http://aria-security.net/advisory/cpanel.txt ----------------------------------------------------------- Software: CPanel Tested On CPanel 10 CPanel file Manager: PoC: http://target.com:2082/frontend/Servername/files/seldir.html?dir=XSS CPanel...