31 matches found
EUVD-2004-0237
Malware in sbrugna...
EUVD-2007-2419
Malware in sbrugna...
CVE-2018-10748
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'show' parameter to the '/userfs/bin/tcapi' binary in the Diagnostics component using the 'show ' function and cause memory corruption. Furthermore, it is possible to redirect the flow of...
CVE-2024-4993
Vulnerability in SiAdmin 1.1 that allows XSS via the /show.php query parameter. This vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and thereby steal their cookie session credentials...
Ambit Technologies Itech Movie Portal Script SQL injection vulnerability
Ambit Technologies Itech Movie Portal Script is a Movie Portal Script from Ambit Technologies, USA. An SQL injection vulnerability exists in Ambit Technologies Itech Movie Portal Script version 7.36, which stems from an unknown function in shownews.php, where manipulation of the parameter id can...
DEBIAN-CVE-2019-7330
Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'show' parameter value in the view frame (frame.php) because proper filtration is omitted...
UBUNTU-CVE-2019-7330
Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'show' parameter value in the view frame (frame.php) because proper filtration is omitted...
PT-2018-3913 · D Link · D-Link Dsl-3782
Name of the Vulnerable Software and Affected Versions: D-Link DSL-3782 versions 1.01. Description: The issue is related to a buffer overflow in the /userfs/bin/tcapi binary of the Diagnostics component in the D-Link DSL-3782 router's firmware. This can be exploited by passing a long buffer as the...
Photo Transfer (2) v1.0 iOS - Denial of Service Vulnerability
Document Title: Photo Transfer 2 v1.0 iOS - Denial of Service Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1580. Release Date: 2015-08-20. Vulnerability Laboratory ID (VL-ID): ...
CVE-2010-5029
SQL injection vulnerability in index.php in Ecomat CMS 5.0 allows remote attackers to execute arbitrary SQL commands via the show parameter in a web action...
CVE-2009-4859
Multiple cross-site scripting (XSS) vulnerabilities in Online Work Order Suite (OWOS) Lite Edition 3.10 allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) default.asp and (2) report.asp, and the (3) go parameter to login.asp...
CVE-2010-1742
Cross-site scripting (XSS) vulnerability in projects.php in Scratcher allows remote attackers to inject arbitrary web script or HTML via the show parameter...
Cross site scripting
Cross-site scripting (XSS) vulnerability in projects.php in Scratcher allows remote attackers to inject arbitrary web script or HTML via the show parameter...
CVE-2009-3356
SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter...
Sql injection
SQL injection vulnerability in index.php in Image voting 1.0 allows remote attackers to execute arbitrary SQL commands via the show parameter...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) browseladies.php and (2) browsemen.php, the (3) gender parameter to search.php, and the (4) id parameter to services.php...
CVE-2009-2882
Multiple cross-site scripting (XSS) vulnerabilities in PG MatchMaking allow remote attackers to inject arbitrary web script or HTML via the show parameter to (1) browseladies.php and (2) browsemen.php, the (3) gender parameter to search.php, and the (4) id parameter to services.php...
PT-2009-4245 · Ulteo · Ulteo Open Virtual Desktop
Name of the Vulnerable Software and Affected Versions: Ulteo Open Virtual Desktop version 1.0. Description: The issue allows remote attackers to inject arbitrary web script or HTML, potentially leading to cross-site scripting (XSS) attacks. This can be achieved via several API endpoints, including...