Lucene search

7 matches found

Huntr
added 2023/01/15 4:48 p.m., 15 views

CSRF, Reflected XSS and Stored XSS in add instance function

Description: The add instance function allows the creation of an instance from user input but does not have any sanitizing mechanism, which results in a Reflected XSS bug. This feature can be made by any user in the system, including guest users. After creating the instance will be saved on the...

1.2 AI score
Exploits: 0
NVD
added 2020/02/07 11:15 p.m., 19 views

CVE-2019-19356

Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the...

8.5 CVSS, 7.8 AI score, 0.90961 EPSS
Exploits: 6, References: 4
Cvelist
added 2020/02/07 10:49 p.m., 24 views

CVE-2019-19356

Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the...

7.8 AI score, 0.90961 EPSS
Exploits: 6, References: 3
ATTACKERKB
added 2020/02/07 12:0 a.m., 47 views

CVE-2019-19356

Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the...

8.5 CVSS, 8.1 AI score, 0.90961 EPSS
In wild, Exploits: 6, References: 4
0day.today
added 2014/09/08 12:0 a.m., 40 views

LoadedCommerce7 - Systemic Query Factory Vulnerability

Loaded Commerce 7 shopping cart/online store suffers from a systemic vulnerability in its query factory, allowing attackers to circumvent user input sanitizing to perform remote SQL injection. Title: LoadedCommerce7 Systemic Query Factory Vulnerability Advisory:...

7.1 CVSS, 0.6 AI score, 0.0105 EPSS
Exploits: 6
Exploit DB
added 2014/09/07 12:0 a.m., 38 views

LoadedCommerce7 - Systemic Query Factory

Title: LoadedCommerce7 Systemic Query Factory Vulnerability Advisory: http://breaking.technology/advisories/CVE-2014-5140.txt Credits: Discovered by Breaking Technology Research Labs 2014-06-30 Reference: CVE-2014-5140 - Assigned 31 June 2014 Timeline: Vendor notified - 29 July 2014 Vendor...

8.8 CVSS, 7 AI score, 0.0105 EPSS
Exploits: 6
Tenable Nessus
added 2004/11/10 12:0 a.m., 36 views

Debian DSA-564-1 : mpg123 - missing user input sanitising

Davide Del Vecchio discovered a vulnerability in mpg123, a popular but non-free MPEG layer 1/2/3 audio player. A malicious MPEG layer 2/3 file could cause the header checks in mpg123 to fail, which could in turn allow arbitrary code to be executed with the privileges of the user running mpg123...

7.5 CVSS, 5.7 AI score, 0.05835 EPSS
Exploits: 0, References: 2