14 matches found
Moxa EDR-G903 Secure Router Unauthenticated File Download (CVE-2016-0879)
Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL. This plugin only works with Tenable.ot. Please...
CVE-2016-8278
Huawei USG9520, USG9560, and USG9580 unified security gateways with software before V300R001C01SPCa00 allow remote attackers to cause a denial of service (device restart) via an unspecified URL...
Design/Logic Flaw
Moxa Secure Router EDR-G903 devices before 3.4.12 do not delete copies of configuration and log files after completing the import function, which allows remote attackers to obtain sensitive information by requesting these files at an unspecified URL...
CVE-2016-2293
The AXM-NET module in Accuenergy Acuvim II NET Firmware 3.08 and Acuvim IIR NET Firmware 3.08 allows remote attackers to discover settings via a direct request to an unspecified URL...
CVE-2015-6022
Unrestricted file upload vulnerability in QNAP Signage Station before 2.0.1 allows remote authenticated users to execute arbitrary code by uploading an executable file, and then accessing this file via an unspecified URL...
CVE-2015-8287
Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL...
Information disclosure
Cisco Unified Communications Manager 11.50.98000.480 allows remote authenticated users to obtain sensitive database table-name and entity-name information via a direct request to an unspecified URL, aka Bug ID CSCuy11098...
Information disclosure
eWON devices with firmware before 10.1s0 omit RBAC for I/O server information and status requests, which allows remote attackers to obtain sensitive information via an unspecified URL...
TIBCO Spotfire Server Information Disclosure Vulnerability (CNVD-2015-07300)
TIBCO Spotfire Analyst Platform for AWS Marketplace is a suite of data visualization and analytics platforms for AWS, the cloud application store, from TIBCO Software, USA. Versions 5.5.x prior to 5.5.4, 6.0.x prior to 6.0.5, 6.5.x prior to 6.5.4, 7.0.x prior to 7.0.1 of TIBCO Spotfire Server,...
Authentication flaw
The web server on the AXN-NET Ethernet module accessory 3.04 for the Accuenergy Acuvim II allows remote attackers to bypass authentication and modify settings via a direct request to an unspecified URL...
Authentication flaw
The web interface on (1) Foscam and (2) Wansview IP cameras allows remote attackers to bypass authentication, and perform administrative functions or read the admin password, via a direct request to an unspecified URL...
CVE-2010-0185
The default configuration of Adobe ColdFusion 9.0 does not restrict access to collections that have been created by the Solr Service, which allows remote attackers to obtain collection metadata, search information, and index data via a request to an unspecified URL...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via (1) the contactsearch parameter and (2) unspecified url fields...
CVE-2006-0509
Multiple cross-site scripting (XSS) vulnerabilities in clients.php in Cerberus Helpdesk, possibly 2.7, allow remote attackers to inject arbitrary web script or HTML via (1) the contactsearch parameter and (2) unspecified url fields...