12 matches found
CVE-2021-31655
Cross Site Scripting XSS vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi...
CVE-2022-42484
An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability...
FreshTomato httpd logs/view.cgi OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1641 FreshTomato httpd logs/view.cgi OS command injection vulnerability January 26, 2023 CVE Number CVE-2022-42484 SUMMARY An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP...
CVE-2021-31655
Cross Site Scripting XSS vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi...
CVE-2021-31655
Cross Site Scripting XSS vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi...
Webmin 'view.cgi'跨站脚本漏洞
Bugtraq ID:66248 CVE ID:CVE-2014-0339 Webmin是一款基于WEB的Unix和Linux操作系统系统管理接口。 Webmin 'view.cgi'不正确过滤"search"参数数据,允许远程攻击者利用漏洞进行反射型跨站脚本攻击,可获取敏感信息或劫持用户会话。 0 Webmin 1.670 目前没有详细解决方案提供: http://www.webmin.com https://192.168.49.132:10000/webminlog/view.cgi?id=1&search=e";scriptalertdocument.cookie;/script...
CVE-2014-0339
Cross-site scripting XSS vulnerability in view.cgi in Webmin before 1.680 allows remote attackers to inject arbitrary web script or HTML via the search parameter...
Cross site scripting
Cross-site scripting XSS vulnerability in view.cgi in Webmin before 1.680 allows remote attackers to inject arbitrary web script or HTML via the search parameter...
CVE-2014-0339
Cross-site scripting XSS vulnerability in view.cgi in Webmin before 1.680 allows remote attackers to inject arbitrary web script or HTML via the search parameter...
CVE-2014-0339
Webmin is vulnerable to a cross-site scripting (XSS) flaw in view.cgi prior to version 1.680. The underlying issue is improper validation of the search parameter, allowing remote attackers to inject arbitrary script/HTML. Public references and bulletins consistently describe the affected componen...
CVE-2008-1793
Multiple cross-site scripting XSS vulnerabilities in view.cgi in Smart Classified ADS Professional, Smart Photo ADS, and Smart Photo ADS Gold allow remote attackers to inject arbitrary web script or HTML via the 1 AdNum and 2 Department parameters. NOTE: the provenance of this information is...
CVE-2008-1793
Multiple cross-site scripting XSS vulnerabilities in view.cgi in Smart Classified ADS Professional, Smart Photo ADS, and Smart Photo ADS Gold allow remote attackers to inject arbitrary web script or HTML via the 1 AdNum and 2 Department parameters. NOTE: the provenance of this information is...