369 matches found
CVE-2020-8436
XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rmformid, rmtr, or formname parameter...
tr-express.ru Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1115152 Security Researcher geeknik Helped patch 8826 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting tr-express.ru website and...
CVE-2019-18793
Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/index.htm? via the "fileName" parameter...
Exploit for CVE-2019-14339
CVE-2019-14339 Content Provider URI Injection on Canon PRINT...
Vigor ACS Unsafe Flex AMF Java Object Deserialization(CVE-2017-5641)
Vulnerability Summary A vulnerability in Vigor ACS allows unauthenticated users to cause the product to execute arbitrary code. VigorACS 2 “is a powerful centralized management software for Vigor Routers and VigorAPs, it is an integrated solution for configuring, monitoring, and maintenance of...
Heap overflow
A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption...
DEBIAN-CVE-2017-0357
A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption...
ozkent.com.tr XSS vulnerability
Open Bug Bounty ID: OBB-550166 Description| Value ---|--- Affected Website:| ozkent.com.tr Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
Code Used in Zero Day Huawei Router Attack Made Public
Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such as Reaper or...
Eir’s D1000 Modem Is Wide Open To Being Hacked.
Background The Eir D1000 Modem has bugs that allow an attacker to gain full control of the modem from the Internet. The modem could then be used to hack into internal computers on the network, as a proxy host to hack other computers or even as a bot in a botnet. A port scan of the the modem...
Satori IoT Botnet Exploits Zero-Day to Zombify Huawei Routers
Although the original creators of the infamous IoT malware Mirai have already been arrested and sent to jail, the variants of the notorious botnet are still in the game due to the availability of its source code on the Internet. Hackers have widely used the infamous IoT malware to quietly amass a...
Huawei Router Vulnerability Used to Spread Mirai Variant
Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Mirai Okiru, also known as Satori. Researchers at Check Point published a report Thursday, and said the flaw is in Huawei’s router mode...
WordPress TR Easy Google Analytics 1.0.0 Cross Site Scripting Vulnerability
WordPress TR Easy Google Analytics plugin version 1.0.0 suffers from a cross site scripting vulnerability. Credit Ricardo Sanchez Vulnerable TR Easy Google Analytics plugin 1.0.0 TR Easy Google Analytics plugin is prone to a cross-site scripting vulnerability because it fails to sufficiently...
tr.123rf.com XSS vulnerability
Vulnerable URL: https://tr.123rf.com/similar-model/1zqjmxx"alert'OPENBUGBOUNTY' Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No...
Design/Logic Flaw
Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection against a CSRF vulnerability, as demonstrated by a goform/BasicSettings request to disable port filtering...
CVE-2017-11648
Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection against a CSRF vulnerability, as demonstrated by a goform/BasicSettings request to disable port filtering...
CVE-2017-11648
The CVE-2017-11648 issue affects Techroutes TR 1803-3G Wireless Cellular Router/Modem (firmware 2.4.25). The vulnerability is a Cross-Site Request Forgery (CSRF) flaw in which the device has no CSRF protections, enabling an attacker to trigger sensitive actions (e.g., goform/BasicSettings to disa...
IoT Malware Activity Already More Than Doubled 2016 Numbers
The number of new malware samples in the wild this year targeting connected internet-of-things IoT devices has already more than doubled last year’s total. Honeypots laid out by Kaspersky Lab researchers mimicking a number of connected devices running Linux have attracted more than 7,200 differen...
Eir D1000 Arbitrary Command Execution Vulnerability
The Eir D1000 is a modem from Eir Ireland. A security vulnerability exists in the Eir D1000 modem that stems from the program failing to properly restrict the TR-064 protocol. A remote attacker can exploit the vulnerability to execute arbitrary commands on TCP port 7547...
Artifex Ghostscript Denial of Service Vulnerability
Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. A security...