Lucene search
K

115 matches found

VulnCheck KEV
VulnCheck KEV
added 2020/07/04 12:0 a.m.4 views

VulnCheck KEV: CVE-2013-2578

cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12sign6 allows remote attackers to execute arbitrary commands via shell metacharacters in 1 the ServerName parameter and 2 other unspecified...

10CVSS6.1AI score0.73713EPSS
Exploits7References1
NVD
NVD
added 2019/10/16 10:15 p.m.15 views

CVE-2019-17607

HongCMS 3.0.0 has XSS via the install/index.php servername parameter...

6.1CVSS6.1AI score0.01029EPSS
Exploits1References3
Prion
Prion
added 2019/10/16 10:15 p.m.11 views

Design/Logic Flaw

HongCMS 3.0.0 has XSS via the install/index.php servername parameter...

4.3CVSS6AI score0.01029EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2019/10/16 9:13 p.m.16 views

CVE-2019-17607

HongCMS 3.0.0 has XSS via the install/index.php servername parameter...

6.1AI score0.01029EPSS
Exploits1References3
CVE
CVE
added 2019/10/16 9:13 p.m.93 views

CVE-2019-17607

CVE-2019-17607 affects HongCMS 3.0.0 with a cross-site scripting (XSS) vulnerability exploitable via the install/index.php servername parameter. Reported impact in CNVD/NVD notes client-side code execution; the CNVD entry explicitly describes XSS, while the NVD entry summarizes the risk. The avai...

6.1CVSS6AI score0.01029EPSS
Exploits1References3Affected Software1
Exploit DB
Exploit DB
added 2019/02/05 12:0 a.m.82 views

BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution

BEWARD N100 H.264 VGA IP Camera M2.1.6 Root Remote Code Execution Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: M2.1.6.04C014 Summary: The N100 compact color IP camera with support for a more efficient compression format is optimized for low-speed networks...

7.4AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/11/25 7:37 a.m.12 views

riftgoldshop.com XSS vulnerability

Vulnerable URL: http://www.riftgoldshop.com/selectserver-usd.asp?ServerName="'--!confirm/OPENBUGBOUNTY/...

6.9AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2015/05/19 12:0 a.m.34 views

Eisbär SCADA (All Versions) - Persistent UI Vulnerability

Document Title: =============== Eisbär SCADA All Versions - Persistent UI Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1456 Release Date: ============= 2015-05-19 Vulnerability Laboratory ID VL-ID: ==================================== 14...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2015/04/13 12:0 a.m.343 views

Samba 3.6.2 (x86) - Denial of Service (PoC)

Samba 3.6.2 x86 - Denial of Service PoC !/usr/bin/python """ Exploit for Samba vulnerabilty CVE-2015-0240 by sleepya The exploit only targets vulnerable x86 smbd 3.6.24 which 'creds' is controlled by ReferentID field of PrimaryName ServerName. That means 'talloczero' in libtalloc does not write a...

10CVSS0.1AI score0.87636EPSS
Exploits7
Hacker One
Hacker One
added 2014/09/29 9:49 a.m.27 views

X (Formerly Twitter): XSS platform.twitter.com | video-js metadata

https://platform.twitter.com/video/video-js.1e43b81a2f30220a16fd493aaf072451.swf VideoJS does not escape metadata passed to JavaScript via ExternalInterface. Since VideoJS does not load a required policy file to read metadata from mp3s loaded from an external server via http we need to use rtmp...

6.9AI score
Exploits0
OSV
OSV
added 2014/09/04 5:55 p.m.1 views

DEBIAN-CVE-2014-6060

The getoption function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHOOPTIONSOVERLOADED option in the 1 bootfile or 2 servername section, which triggers the option to be processed again...

3.3CVSS8.6AI score0.00441EPSS
Exploits0References1
OSV
OSV
added 2014/09/04 5:55 p.m.4 views

UBUNTU-CVE-2014-6060

The getoption function in dhcpcd 4.0.0 through 6.x before 6.4.3 allows remote DHCP servers to cause a denial of service by resetting the DHOOPTIONSOVERLOADED option in the 1 bootfile or 2 servername section, which triggers the option to be processed again...

3.3CVSS7.3AI score0.00441EPSS
Exploits0References3
Atlassian
Atlassian
added 2007/09/13 8:15 a.m.21 views

XSS Bug in printable link display

A Cross sites scripting vulnerability exists in macro used to render the 'printable' link. Here is an exploit for the vulnerability that works https://servername/wiki/display/a/2007/09/%22%3E%3Cscript%3Ealert'Watchfire%20XSS%20Test%20Successful'%3C/script%3E Bug was found using APPScan...

6.7AI score
Exploits0Affected Software1
NVD
NVD
added 2007/07/05 7:30 p.m.24 views

CVE-2007-3011

The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter...

7.5CVSS7.5AI score0.04165EPSS
Exploits3References8
Packet Storm
Packet Storm
added 2006/11/14 12:0 a.m.24 views

cpanel10-xss.txt

Aria-Security Team Advisory Original Advisory : http://aria-security.net/advisory/cpanel.txt ----------------------------------------------------------- Software: CPanel Tested On CPanel 10 CPanel file Manager: PoC: http://target.com:2082/frontend/Servername/files/seldir.html?dir=XSS CPanel...

7.4AI score
Exploits0
Rows per page
Query Builder