18 matches found
EUVD-2017-15115
Malware in sbrugna...
EUVD-2017-15117
Malware in sbrugna...
CVE-2017-6047
Detcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication...
Authentication flaw
Detcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication...
Code injection
Detcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL...
CVE-2017-6049
Detcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL...
CVE-2017-6047
Detcon SiteWatch Gateway (all non-cellular versions) has a plaintext password exposure: passwords are stored in a file accessible without authentication. This CVE-2017-6047 is documented in multiple sources (NVD entry and ICS-CERT-related advisory context) and indicates an authentication weakness...
CVE-2017-6047
Detcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication...
CVE-2017-6049
Detcon SiteWatch Gateway (all non-cellular versions) is affected by CVE-2017-6049. A remote attacker can edit device settings via a specially crafted URL due to improper authentication. CVSSv3 base score 9.1 (HIGH) with network access, no privileges required, and high integrity impact. ICS-CERT n...
CVE-2017-6049
Detcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL...
Detcon SiteWatch Gateway Authentication Vulnerability (CNVD-2017-07181)
Detcon SiteWatch Gateway is a gateway device from Detcon. An authentication vulnerability exists in Detcon SiteWatch Gateway. A remote attacker could exploit this vulnerability to change settings via a specially crafted URL...
Detcon SiteWatch Gateway Authentication Vulnerability
Detcon SiteWatch Gateway is a gateway device from Detcon. An authentication vulnerability exists in Detcon SiteWatch Gateway. The vulnerability can be exploited by an attacker to change settings via a specially crafted URL...
Detcon SiteWatch Gateway
CVSS v3 9.1 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Detcon Equipment: SiteWatch Gateway Vulnerabilities: Improper Authentication, Plaintext Storage of a Password AFFECTED PRODUCTS The following versions of Detcon SiteWatch Gateway, an Ethernet Notification System, are...
Yaws-Wiki 1.88-1 (Erlang) Stored and Reflective XSS Vulnerabilities
Exploit for php platform in category web applications Application: yaws-wiki version affected: 1.88-1 platform: Erlang homepage:http://yaws.hyber.org/ Researcher: Michael Brooks Orignal Advisory:https://sitewat.ch/en/Advisory/4 Install instructions for Ubuntu: sudo apt-get install yaws-wiki...
Majordomo2 Directory Traversal
-------------------------- NSOADV-2011-003 --------------------------- Majordomo2 'help' Command Directory Traversal Patch Bypass 111101111 11111 00110 00110001111 111111 01 01 1 11111011111111 11111 0 11 01 0 11 1 1 111011001 11111111101 1 11 0110111 1 1111101111 1001 0 1 10 11 0 10 11 1111111 1...
DSA-2158-1 cgiirc - cross-site-scripting
Bulletin has no description...
Majordomo Vulnerable to Directory Traversal
US-CERT is aware of a vulnerability affecting Majordomo 2. Exploitation of this vulnerability may allow an attacker to obtain sensitive information that could be used to leverage additional attacks. Reports indicate that this vulnerability affects builds 20110121 and prior. US-CERT encourages use...
Majordomo 2 _list_file_get() directory traversal vulnerability
Overview Majordomo 2 contains a directory traversal vulnerability in the listfilegetfunction, which may allow a remote, unauthenticated attacker to obtain sensitive information. Description Majordomo 2 contains a directory traversal vulnerability in the listfilegetfunction lib/Majordomo.pm caused...