9 matches found
IPFire Firewall Web Interface Command Injection (CVE-2018-16232)
A command injection vulnerability exists in the web interface of IPFire firewall. The vulnerability is due to improper validation of user-supplied requests in the backup.cgi script. Successful exploitation could lead to arbitrary command injection as the nobody user...
Dell EMC VMAX Virtual Appliance Manager Directory Traversal (CVE-2018-1215)
A directory traversal vulnerability exists in Dell EMC VMAX Virtual Appliance vApp. The vulnerability is due to improper handling of user-supplied requests for file uploads. Successful exploitation of this vulnerability could lead to arbitrary code execution...
Input validation
A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper validation of user-supplied requests to the...
Dell EMC VMAX Virtual Appliance Manager Directory Traversal Remote Code Execution (CVE-2018-1215)
A directory traversal vulnerability exists in Dell EMC VMAX Virtual Appliance vApp. The vulnerability is due to improper handling of user-supplied requests for file uploads. Successful exploitation of this vulnerability could lead to arbitrary code execution...
LiteWeb Server 2.5 Authentication Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13850/info LiteWeb Server is prone to a vulnerability that may let remote attackers bypass authentication. The specific issue is inadequate sanitization of user-supplied requests. In particular, there is an error in the...
gweb http server 0.5/0.6 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9742/info It has been reported that GWeb is prone to a directory traversal vulnerability. The issue is due to the server's failure to properly validate user supplied http requests. This issue may allow an attacker to esca...
LiteWEB Web Server 2.5 - Authentication Bypass
LiteWEB Web Server 2.5 - Authentication Bypass source: https://www.securityfocus.com/bid/13850/info LiteWeb Server is prone to a vulnerability that may let remote attackers bypass authentication. The specific issue is inadequate sanitization of user-supplied requests. In particular, there is an...
LiteWEB Web Server 2.5 - Authentication Bypass
source: https://www.securityfocus.com/bid/13850/info LiteWeb Server is prone to a vulnerability that may let remote attackers bypass authentication. The specific issue is inadequate sanitization of user-supplied requests. In particular, there is an error in the handling of slash characters '/'...
GWeb HTTP Server 0.50.6 - Directory Traversal
GWeb HTTP Server 0.50.6 - Directory Traversal source: https://www.securityfocus.com/bid/9742/info It has been reported that GWeb is prone to a directory traversal vulnerability. The issue is due to the server's failure to properly validate user supplied http requests. This issue may allow an...