Lucene search
K

19 matches found

OSV
OSV
added 2024/10/21 7:3 p.m.12 views

GHSA-3WWX-63FV-PFQ6 Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present

Impact A policy rule denying a prefix that is broader than /32 may be ignored if there is - A policy rule referencing a more narrow prefix CIDRSet or toFQDN and - This narrower policy rule specifies either enableDefaultDeny: false or - toEntities: all Note that a rule specifying toEntities: world...

4CVSS6AI score0.00391EPSS
Exploits0References5
Cvelist
Cvelist
added 2022/06/28 7:45 p.m.24 views

CVE-2021-3430 BT: Assertion failure on repeated LL_CONNECTION_PARAM_REQ

Assertion reachable with repeated LLCONNECTIONPARAMREQ. Zephyr versions = v1.14 contain Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr...

6.5CVSS7.8AI score0.0083EPSS
Exploits0References1
Prion
Prion
added 2020/03/27 8:15 p.m.16 views

Privilege escalation

Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation...

4.6CVSS7.6AI score0.00298EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/09/19 12:0 a.m.1 views

Axesstel MU553S Default Password Vulnerability

The Axesstel MU553S is a router from Axesstel USA. A security vulnerability exists in the Axesstel MU553S MU55XS-V1.14 version that originates from the use of the default 'admin' password for the administrator account. An attacker can exploit the vulnerability to perform unauthorized operations...

10CVSS9.6AI score0.01405EPSS
Exploits0References1
Prion
Prion
added 2017/09/13 8:29 a.m.12 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...

6.8CVSS8.8AI score0.00449EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/09/13 8:29 a.m.11 views

CVE-2017-13724

On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...

5.4CVSS5.3AI score0.00513EPSS
Exploits1References1
Prion
Prion
added 2017/09/13 8:29 a.m.13 views

Cross site scripting

On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...

3.5CVSS5.3AI score0.00513EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2017/09/13 8:29 a.m.16 views

CVE-2017-11350

Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...

8.8CVSS8.9AI score0.00449EPSS
Exploits0References1
Prion
Prion
added 2017/09/13 8:29 a.m.10 views

Default credentials

Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account...

10CVSS9.6AI score0.01405EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/09/13 8:0 a.m.55 views

CVE-2017-11350

CVE-2017-11350 is a CSRF vulnerability in the Axesstel MU553S MU55XS-V1.14 devices, specifically in the CGI endpoint /cgi-bin/ConfigSet. The connected CNVD entry confirms the issue on the Axesstel MU553S MU55XS-V1.14 release and describes unauthorized operations via CSRF. CVSS metrics indicate mo...

8.8CVSS8.7AI score0.00449EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2017/09/13 8:0 a.m.52 views

CVE-2017-13724

CVE-2017-13724 describes a stored Cross-Site Scripting vulnerability in the APN parameter on the Axesstel MU553S MU55XS devices running firmware v1.14, on the Basic Settings page. The affected component is the APN field handling in that page; the root cause is a stored XSS flaw that can persist u...

5.4CVSS5.3AI score0.00513EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2017/09/13 8:0 a.m.19 views

CVE-2017-11350

Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...

8.9AI score0.00449EPSS
Exploits0References1
Cvelist
Cvelist
added 2017/09/13 8:0 a.m.17 views

CVE-2017-11351

Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account...

9.7AI score0.01405EPSS
Exploits0References1
CVE
CVE
added 2017/09/13 8:0 a.m.45 views

CVE-2017-11351

The CVE-2017-11351 entry concerns Axesstel MU553S/MU55XS-V1.14 devices that ship with the default admin password for the admin account. The root cause is credential exposure via a default credential, leading to potential unauthorized administrative access. Impact is described as high for confiden...

10CVSS9.5AI score0.01405EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

J.A.G (Just Another Guestbook) 1.14 - Database Disclosure Vulnerability

No description provided by source. Software Link: http://www.xs4all.nl/crisp/jag/jag.zip Version: v1.14 Tested on: Windows xp sp3 ------------------------------------------------------ | | | | | | | | /| ' \ / \ ' \ / /| ' \ | | | | | | / | | | | | | | | | || || |||| ||//|| || ||...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

w1l3d4 philboard 1.2 (blind sql/xss) Multiple Vulnerabilities

No description provided by source. + Script Name : philboard v 1.14 Multiple Remote Exploits |+| Team : InjEct0r5 + Author : Bl@ckbe@rD 'Tunisian TerrorisT' ; + Contact : blackbeard-sqlA.Thotmail.fr ; + Dork : Powered by v1.14 powered by philboard v1.14 --//-- + Expl0iT : Remote SQL Injection : -...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2010/02/11 12:0 a.m.26 views

J.A.G (Just Another Guestbook) 1.14 - Database Disclosure

J.A.G Just Another Guestbook 1.14 - Database Disclosure Software Link: http://www.xs4all.nl/crisp/jag/jag.zip Version: v1.14 Tested on: Windows xp sp3 ------------------------------------------------------ | | | | | | | | /| ' \ / \ ' \ / /| ' \ | | | | | | / | | | | | | | | | || || |||| ||//||...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/06/27 12:0 a.m.18 views

W1L3D4 philboard 1.2 - Blind SQL Injection Cross-Site Scripting

W1L3D4 philboard 1.2 - Blind SQL Injection Cross-Site Scripting + Script Name : philboard v 1.14 Multiple Remote Exploits |+| Team : InjEct0r5 + Author : Bl@ckbe@rD 'Tunisian TerrorisT' ; + Contact : blackbeard-sqlA.Thotmail.fr ; + Dork : Powered by v1.14 powered by philboard v1.14 --//-- + Expl0...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/27 12:0 a.m.40 views

W1L3D4 philboard 1.2 - Blind SQL Injection / Cross-Site Scripting

Script Name : philboard v 1.14 Multiple Remote Exploits |+| Team : InjEct0r5 + Author : Bl@ckbe@rD 'Tunisian TerrorisT' ; + Contact : blackbeard-sqlA.Thotmail.fr ; + Dork : Powered by v1.14 powered by philboard v1.14 --//-- + Expl0iT : Remote SQL Injection : --...

7.4AI score
Exploits0
Rows per page
Query Builder