CVE-2026-32840

Edimax GS-5008PL firmware version 1.00.54 and prior contain a stored cross-site scripting vulnerability in the systemnameset.cgi script that allows attackers to inject arbitrary script code by manipulating the sysName parameter. Attackers can send a crafted POST request with malicious script...

CVE-2026-32840 Edimax GS-5008PL <= 1.00.54 Stored XSS via Device Name

Edimax GS-5008PL firmware version 1.00.54 and prior contain a stored cross-site scripting vulnerability in the systemnameset.cgi script that allows attackers to inject arbitrary script code by manipulating the sysName parameter. Attackers can send a crafted POST request with malicious script...

CVE-2026-32840 Edimax GS-5008PL <= 1.00.54 Stored XSS via Device Name

Edimax GS-5008PL firmware version 1.00.54 and prior contain a stored cross-site scripting vulnerability in the systemnameset.cgi script that allows attackers to inject arbitrary script code by manipulating the sysName parameter. Attackers can send a crafted POST request with malicious script...

PT-2026-25946

Edimax GS-5008PL firmware version 1.00.54 and prior contain a stored cross-site scripting vulnerability in the system name set.cgi script that allows attackers to inject arbitrary script code by manipulating the sysName parameter. Attackers can send a crafted POST request with malicious script...

EUVD-2017-8897

Malware in sbrugna...

EUVD-2012-6504

Malware in sbrugna...

PT-2024-14213 · Centreon · Centreon

Name of the Vulnerable Software and Affected Versions: Centreon affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Centreon. User interaction is required to exploit this issue. The specific flaw exists within the...

WhatsUp Gold 2022 (22.1.0 Build 39) - XSS

Exploit Title: WhatsUpGold 22.1.0 - Stored Cross-Site Scripting XSS Date: April 18, 2023 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.22.1.0 Build 39 Tested on: Windows 2022 Server CVE : CVE-2023-35759 Reference:...

Cross-site Scripting (XSS)

librenms/librenms is vulnerable to cross-site scripting. The vulnerability exists in addhost.inc.php in sysName, Hardware and Community fields which allows an attacker to send and execute arbitrary javascript...

Cross-site Scripting (XSS) - Stored in librenms/librenms

Description Cross-Site Scripting vulnerability in LibreNMS v22.1.0 which allows attackers to execute arbitrary javascript code in the browser of a victim which affected Devices module Add Device in sysName, Hardware and Community fields. Proof of Concept Endpoint: 1 POST http://HOST/addhost...

SNMP – Simply Not My Problem. Or is it?

TL;DR: Use SNMPv3; long gone is default community strings, hello complex passwords! Remove from the internet, if required, implement a VPN solution to restrict access to only authorised parties. SNMP is a protocol used for the remote management of devices on a network. By remote, we mean access...

TerraMaster TOS Cross-Site Scripting Vulnerability (CNVD-2019-00657)

TerraMaster TOS is a set of storage server special operating system based on Linux platform developed by Terra Master. The system supports file sharing, cloud data synchronization, data backup and virtualization. A cross-site scripting vulnerability exists in the handle.php endpoint in TerraMaste...

CVE-2018-13334

Cross-site scripting in handle.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "optionssysname" parameter...

SNMP SysName Parsing

Binary data 700342.prm...

TP-Link TL-SG108E Cross-Site Scripting Vulnerability

The TP-Link TL-SG108E is a Gigabit Ethernet switch from China P&L TP-LINK. A cross-site scripting vulnerability exists in the systemnameset.cgi file in the TP-Link TL-SG108E version 1.0.0. A remote attacker can exploit this vulnerability to submit arbitrary Java script with the help of the...

CVE-2017-17745

Cross-site scripting XSS vulnerability in systemnameset.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit arbitrary java script via the 'sysName' parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in systemnameset.cgi in TP-Link TL-SG108E 1.0.0 allows authenticated remote attackers to submit arbitrary java script via the 'sysName' parameter...

CVE-2007-6708

Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...

CVE-2005-0979

Multiple buffer overflows in RUMBA 7.3 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted values in a profile file, as demonstrated using a long SysName field...

CVE-2005-0979

Multiple buffer overflows in RUMBA 7.3 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted values in a profile file, as demonstrated using a long SysName field...