19 matches found
GHSA-3WWX-63FV-PFQ6 Cilium's CIDR deny policies may not take effect when a more narrow CIDR allow is present
Impact A policy rule denying a prefix that is broader than /32 may be ignored if there is - A policy rule referencing a more narrow prefix CIDRSet or toFQDN and - This narrower policy rule specifies either enableDefaultDeny: false or - toEntities: all Note that a rule specifying toEntities: world...
CVE-2021-3430 BT: Assertion failure on repeated LL_CONNECTION_PARAM_REQ
Assertion reachable with repeated LLCONNECTIONPARAMREQ. Zephyr versions = v1.14 contain Reachable Assertion CWE-617. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr...
Privilege escalation
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation...
Axesstel MU553S Default Password Vulnerability
The Axesstel MU553S is a router from Axesstel USA. A security vulnerability exists in the Axesstel MU553S MU55XS-V1.14 version that originates from the use of the default 'admin' password for the administrator account. An attacker can exploit the vulnerability to perform unauthorized operations...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
CVE-2017-13724
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...
Cross site scripting
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page...
CVE-2017-11350
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
Default credentials
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account...
CVE-2017-11350
CVE-2017-11350 is a CSRF vulnerability in the Axesstel MU553S MU55XS-V1.14 devices, specifically in the CGI endpoint /cgi-bin/ConfigSet. The connected CNVD entry confirms the issue on the Axesstel MU553S MU55XS-V1.14 release and describes unauthorized operations via CSRF. CVSS metrics indicate mo...
CVE-2017-13724
CVE-2017-13724 describes a stored Cross-Site Scripting vulnerability in the APN parameter on the Axesstel MU553S MU55XS devices running firmware v1.14, on the Basic Settings page. The affected component is the APN field handling in that page; the root cause is a stored XSS flaw that can persist u...
CVE-2017-11350
Cross-Site Request Forgery CSRF exists in cgi-bin/ConfigSet on Axesstel MU553S MU55XS-V1.14 devices...
CVE-2017-11351
Axesstel MU553S MU55XS-V1.14 devices have a default password of admin for the admin account...
CVE-2017-11351
The CVE-2017-11351 entry concerns Axesstel MU553S/MU55XS-V1.14 devices that ship with the default admin password for the admin account. The root cause is credential exposure via a default credential, leading to potential unauthorized administrative access. Impact is described as high for confiden...
J.A.G (Just Another Guestbook) 1.14 - Database Disclosure Vulnerability
No description provided by source. Software Link: http://www.xs4all.nl/crisp/jag/jag.zip Version: v1.14 Tested on: Windows xp sp3 ------------------------------------------------------ | | | | | | | | /| ' \ / \ ' \ / /| ' \ | | | | | | / | | | | | | | | | || || |||| ||//|| || ||...
w1l3d4 philboard 1.2 (blind sql/xss) Multiple Vulnerabilities
No description provided by source. + Script Name : philboard v 1.14 Multiple Remote Exploits |+| Team : InjEct0r5 + Author : Bl@ckbe@rD 'Tunisian TerrorisT' ; + Contact : blackbeard-sqlA.Thotmail.fr ; + Dork : Powered by v1.14 powered by philboard v1.14 --//-- + Expl0iT : Remote SQL Injection : -...
J.A.G (Just Another Guestbook) 1.14 - Database Disclosure
J.A.G Just Another Guestbook 1.14 - Database Disclosure Software Link: http://www.xs4all.nl/crisp/jag/jag.zip Version: v1.14 Tested on: Windows xp sp3 ------------------------------------------------------ | | | | | | | | /| ' \ / \ ' \ / /| ' \ | | | | | | / | | | | | | | | | || || |||| ||//||...
W1L3D4 philboard 1.2 - Blind SQL Injection Cross-Site Scripting
W1L3D4 philboard 1.2 - Blind SQL Injection Cross-Site Scripting + Script Name : philboard v 1.14 Multiple Remote Exploits |+| Team : InjEct0r5 + Author : Bl@ckbe@rD 'Tunisian TerrorisT' ; + Contact : blackbeard-sqlA.Thotmail.fr ; + Dork : Powered by v1.14 powered by philboard v1.14 --//-- + Expl0...
W1L3D4 philboard 1.2 - Blind SQL Injection / Cross-Site Scripting
Script Name : philboard v 1.14 Multiple Remote Exploits |+| Team : InjEct0r5 + Author : Bl@ckbe@rD 'Tunisian TerrorisT' ; + Contact : blackbeard-sqlA.Thotmail.fr ; + Dork : Powered by v1.14 powered by philboard v1.14 --//-- + Expl0iT : Remote SQL Injection : --...