Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-15066

Malware in sbrugna...

5.4CVSS5.5AI score0.00599EPSS
Exploits1References2
CVE
CVE
added 2024/11/12 6:5 p.m.59 views

CVE-2024-51721

CVE-2024-51721 : A code injection vulnerability affects the SecuSUITE Server Web Administration Portal in SecuSUITE versions up to 5.0.420. The issue allows an attacker to inject script commands or other executable content that would run with root privileges. Affected component is the Web Adminis...

7.3CVSS7.3AI score0.00234EPSS
Exploits0References1
Prion
Prion
added 2019/11/21 10:15 p.m.34 views

Design/Logic Flaw

The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference...

6.5CVSS6.6AI score0.05636EPSS
Exploits4References3Affected Software1
CVE
CVE
added 2019/11/21 9:47 p.m.258 views

CVE-2014-8356

The CVE-2014-8356 issue affects Zhone zNID GPON 2426A and related 24xx/42xx/26xx/28xx-series devices, with firmware older than S3.0.501. The vulnerability arises from an Insecure Direct Object Reference that allows remote authenticated users to bypass access controls by altering server responses ...

8.8CVSS8.1AI score0.05636EPSS
In wildExploits4References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2019/11/21 12:0 a.m.81 views

CVE-2014-8356

The web administrative portal in Zhone zNID 2426A before S3.0.501 allows remote authenticated users to bypass intended access restrictions via a modified server response, related to an insecure direct object reference. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value:...

8.8CVSS8AI score0.05636EPSS
In wildExploits4References4
NVD
NVD
added 2017/10/17 4:29 p.m.17 views

CVE-2014-8357

backupsettings.html in the web administrative portal in Zhone zNID GPON 2426A before S3.0.501 places a session key in a URL, which allows remote attackers to obtain arbitrary user passwords via the sessionKey parameter in a getConfig action to backupsettings.conf...

8.8CVSS8.6AI score0.05441EPSS
Exploits4References4
CVE
CVE
added 2017/10/17 4:0 p.m.183 views

CVE-2014-9118

CVE-2014-9118 affects Zhone zNID GPON 2426A (and related 24xx/42xx/26xx/28xx series) prior to S3.0.501. The issue is a command-injection vulnerability in the web admin portal: remote attackers can execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd. Root cau...

9CVSS9AI score0.53364EPSS
In wildExploits4References4Affected Software1
Cvelist
Cvelist
added 2017/10/17 4:0 p.m.20 views

CVE-2014-9118

The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd...

9.1AI score0.53364EPSS
Exploits4References4
ATTACKERKB
ATTACKERKB
added 2017/10/17 12:0 a.m.25 views

CVE-2014-9118

The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to execute arbitrary commands via shell metacharacters in the ipAddr parameter to zhnping.cmd. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

9CVSS9AI score0.53364EPSS
In wildExploits4References5
NVD
NVD
added 2017/02/17 7:59 a.m.13 views

CVE-2017-5998

Cross-site scripting XSS vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5 allows remote authenticated users to inject arbitrary web script or HTML via the strlogname parameter in a "Web Admin Portal Log Configuration Add" action...

5.4CVSS5.2AI score0.00599EPSS
Exploits1References1
OSV
OSV
added 2017/02/17 7:59 a.m.4 views

CVE-2017-5998

Cross-site scripting XSS vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5 allows remote authenticated users to inject arbitrary web script or HTML via the strlogname parameter in a "Web Admin Portal Log Configuration Add" action...

5.4CVSS5.9AI score0.00599EPSS
Exploits1References1
Cvelist
Cvelist
added 2017/02/17 7:45 a.m.18 views

CVE-2017-5998

Cross-site scripting XSS vulnerability in InterSect Alliance SNARE Epilog for UNIX version 1.5 allows remote authenticated users to inject arbitrary web script or HTML via the strlogname parameter in a "Web Admin Portal Log Configuration Add" action...

5.2AI score0.00599EPSS
Exploits1References1
Rows per page
Query Builder