Lucene search
K

369 matches found

OSV
OSV
added 2020/03/12 2:15 p.m.4 views

CVE-2020-8436

XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rmformid, rmtr, or formname parameter...

6.1CVSS5.8AI score0.01353EPSS
Exploits2References3
Openbugbounty
Openbugbounty
added 2020/03/10 1:39 p.m.11 views

tr-express.ru Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1115152 Security Researcher geeknik Helped patch 8826 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting tr-express.ru website and...

0.2AI score
Exploits0
NVD
NVD
added 2019/11/13 8:15 p.m.18 views

CVE-2019-18793

Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/index.htm? via the "fileName" parameter...

6.1CVSS6AI score0.00791EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2019/07/25 9:30 a.m.122 views

Exploit for CVE-2019-14339

CVE-2019-14339 Content Provider URI Injection on Canon PRINT...

5.5CVSS6AI score0.05393EPSS
Exploits6
seebug.org
seebug.org
added 2018/04/25 12:0 a.m.212 views

Vigor ACS Unsafe Flex AMF Java Object Deserialization(CVE-2017-5641)

Vulnerability Summary A vulnerability in Vigor ACS allows unauthenticated users to cause the product to execute arbitrary code. VigorACS 2 “is a powerful centralized management software for Vigor Routers and VigorAPs, it is an integrated solution for configuring, monitoring, and maintenance of...

7.5CVSS10AI score0.21274EPSS
Exploits4
Prion
Prion
added 2018/04/13 3:29 p.m.15 views

Heap overflow

A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption...

7.5CVSS9.3AI score0.02999EPSS
Exploits0References3Affected Software2
OSV
OSV
added 2018/04/13 3:29 p.m.3 views

DEBIAN-CVE-2017-0357

A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption...

9.8CVSS9.2AI score0.02999EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2018/01/31 10:7 a.m.10 views

ozkent.com.tr XSS vulnerability

Open Bug Bounty ID: OBB-550166 Description| Value ---|--- Affected Website:| ozkent.com.tr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

6.3AI score
Exploits0
ThreatPost
ThreatPost
added 2017/12/28 2:1 p.m.369 views

Code Used in Zero Day Huawei Router Attack Made Public

Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such as Reaper or...

10CVSS10AI score0.99975EPSS
Exploits8References5
seebug.org
seebug.org
added 2017/12/28 12:0 a.m.120 views

Eir’s D1000 Modem Is Wide Open To Being Hacked.

Background The Eir D1000 Modem has bugs that allow an attacker to gain full control of the modem from the Internet. The modem could then be used to hack into internal computers on the network, as a proxy host to hack other computers or even as a bot in a botnet. A port scan of the the modem...

10CVSS0.63748EPSS
Exploits12
The Hacker News
The Hacker News
added 2017/12/22 9:43 p.m.46 views

Satori IoT Botnet Exploits Zero-Day to Zombify Huawei Routers

Although the original creators of the infamous IoT malware Mirai have already been arrested and sent to jail, the variants of the notorious botnet are still in the game due to the availability of its source code on the Internet. Hackers have widely used the infamous IoT malware to quietly amass a...

9.2AI score0.7861EPSS
Exploits2
ThreatPost
ThreatPost
added 2017/12/22 6:9 p.m.52 views

Huawei Router Vulnerability Used to Spread Mirai Variant

Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Mirai Okiru, also known as Satori. Researchers at Check Point published a report Thursday, and said the flaw is in Huawei’s router mode...

6.5CVSS9.6AI score0.7861EPSS
Exploits2References5
0day.today
0day.today
added 2017/10/11 12:0 a.m.33 views

WordPress TR Easy Google Analytics 1.0.0 Cross Site Scripting Vulnerability

WordPress TR Easy Google Analytics plugin version 1.0.0 suffers from a cross site scripting vulnerability. Credit Ricardo Sanchez Vulnerable TR Easy Google Analytics plugin 1.0.0 TR Easy Google Analytics plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently...

6.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/09/28 2:15 p.m.17 views

tr.123rf.com XSS vulnerability

Vulnerable URL: https://tr.123rf.com/similar-model/1zqjmxx"alert'OPENBUGBOUNTY' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...

6.3AI score
Exploits0
Prion
Prion
added 2017/07/31 11:29 p.m.14 views

Design/Logic Flaw

Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection against a CSRF vulnerability, as demonstrated by a goform/BasicSettings request to disable port filtering...

6.8CVSS8.6AI score0.00449EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/07/31 11:29 p.m.25 views

CVE-2017-11648

Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection against a CSRF vulnerability, as demonstrated by a goform/BasicSettings request to disable port filtering...

8.8CVSS8.7AI score0.00449EPSS
Exploits0References1
CVE
CVE
added 2017/07/31 11:0 p.m.51 views

CVE-2017-11648

The CVE-2017-11648 issue affects Techroutes TR 1803-3G Wireless Cellular Router/Modem (firmware 2.4.25). The vulnerability is a Cross-Site Request Forgery (CSRF) flaw in which the device has no CSRF protections, enabling an attacker to trigger sensitive actions (e.g., goform/BasicSettings to disa...

8.8CVSS8.6AI score0.00449EPSS
Exploits0References1Affected Software1
ThreatPost
ThreatPost
added 2017/06/19 10:28 a.m.11 views

IoT Malware Activity Already More Than Doubled 2016 Numbers

The number of new malware samples in the wild this year targeting connected internet-of-things IoT devices has already more than doubled last year’s total. Honeypots laid out by Kaspersky Lab researchers mimicking a number of connected devices running Linux have attracted more than 7,200 differen...

0.3AI score
Exploits0References8
CNVD
CNVD
added 2017/05/18 12:0 a.m.31 views

Eir D1000 Arbitrary Command Execution Vulnerability

The Eir D1000 is a modem from Eir Ireland. A security vulnerability exists in the Eir D1000 modem that stems from the program failing to properly restrict the TR-064 protocol. A remote attacker can exploit the vulnerability to execute arbitrary commands on TCP port 7547...

10CVSS7.7AI score0.81899EPSS
Exploits2References1
CNVD
CNVD
added 2017/05/17 12:0 a.m.73 views

Artifex Ghostscript Denial of Service Vulnerability

Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...

5.5CVSS6.8AI score0.01145EPSS
Exploits0References1
Rows per page
Query Builder