IPFire Firewall Web Interface Command Injection (CVE-2018-16232)

A command injection vulnerability exists in the web interface of IPFire firewall. The vulnerability is due to improper validation of user-supplied requests in the backup.cgi script. Successful exploitation could lead to arbitrary command injection as the nobody user...

Dell EMC VMAX Virtual Appliance Manager Directory Traversal (CVE-2018-1215)

A directory traversal vulnerability exists in Dell EMC VMAX Virtual Appliance vApp. The vulnerability is due to improper handling of user-supplied requests for file uploads. Successful exploitation of this vulnerability could lead to arbitrary code execution...

Input validation

A vulnerability in the web-based management interface of Cisco SPA100 Series Analog Telephone Adapters ATAs could allow an authenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper validation of user-supplied requests to the...

Dell EMC VMAX Virtual Appliance Manager Directory Traversal Remote Code Execution (CVE-2018-1215)

A directory traversal vulnerability exists in Dell EMC VMAX Virtual Appliance vApp. The vulnerability is due to improper handling of user-supplied requests for file uploads. Successful exploitation of this vulnerability could lead to arbitrary code execution...

gweb http server 0.5/0.6 - Directory Traversal vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9742/info It has been reported that GWeb is prone to a directory traversal vulnerability. The issue is due to the server's failure to properly validate user supplied http requests. This issue may allow an attacker to esca...

LiteWeb Server 2.5 Authentication Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13850/info LiteWeb Server is prone to a vulnerability that may let remote attackers bypass authentication. The specific issue is inadequate sanitization of user-supplied requests. In particular, there is an error in the...

LiteWEB Web Server 2.5 - Authentication Bypass

source: https://www.securityfocus.com/bid/13850/info LiteWeb Server is prone to a vulnerability that may let remote attackers bypass authentication. The specific issue is inadequate sanitization of user-supplied requests. In particular, there is an error in the handling of slash characters '/'...

LiteWEB Web Server 2.5 - Authentication Bypass

LiteWEB Web Server 2.5 - Authentication Bypass source: https://www.securityfocus.com/bid/13850/info LiteWeb Server is prone to a vulnerability that may let remote attackers bypass authentication. The specific issue is inadequate sanitization of user-supplied requests. In particular, there is an...

GWeb HTTP Server 0.50.6 - Directory Traversal

GWeb HTTP Server 0.50.6 - Directory Traversal source: https://www.securityfocus.com/bid/9742/info It has been reported that GWeb is prone to a directory traversal vulnerability. The issue is due to the server's failure to properly validate user supplied http requests. This issue may allow an...