24 matches found
EUVD-2013-2973
Malware in sbrugna...
EUVD-2017-3824
Malware in sbrugna...
EUVD-2015-4744
Malware in sbrugna...
EUVD-2022-0856
Malicious code in bioql PyPI...
EUVD-2023-54646
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-40904
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The web management console of CheckMK Raw Edition versions 1.5.0 to 1.6.0 allows a misconfiguration of the web-app Dokuwiki installed by default, which allows...
CVE-2012-10028
Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its web-based administrative console that allows authenticated users to execute arbitrary system commands via crafted POST requests to surgeftpmgr.cgi. This can lead to full remote code execution on the underlying system...
CVE-2022-29516
The web console of FUJITSU Network IPCOM series IPCOM EX2 IN3200, 3500, IPCOM EX2 LB1100, 3200, 3500, IPCOM EX2 SC1100, 3200, 3500, IPCOM EX2 NW1100, 3200, 3500, IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN2300, 2500, 2700, IPCOM EX LB1100, 1300, 2300, 2500, 2700, IPCOM EX SC1100, 1300, 2300, 2500,...
CVE-2019-9868
An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2. The SMTP password is displayed to an administrator...
CVE-2025-26796 Apache Oozie: XSS in Oozie Web Console
UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Oozie. This issue affects Apache Oozie: all versions. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended t...
Cross-Site Scripting (XSS)
org.apache.felix, org.apache.felix.http.webconsoleplugin is vulnerable to cross-site scripting XSS. The vulnerability is due to improper neutralization of user input during web page generation, allowing an attacker to inject and execute malicious scripts in a victim’s browser through improperly...
Trend Micro Apex Central 跨站脚本漏洞
Trend Micro Apex Central is a Web-based console from Trend Micro, Inc. A cross-site scripting vulnerability exists in Trend Micro Apex Central, which can be exploited by an attacker to inject malicious script or HTML code...
CVE-2021-41111
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to versions 3.4.5 and 3.3.15, an authenticated user with authorization to read webhooks in one project can craft a request to reveal Webhook definitions and tokens in another project. The user...
Nokia BTS TRS web console 安全漏洞
Nokia BTS TRS web console is Nokia Transfer Module Authentication from Nokia Finland. A security vulnerability exists in the Nokia BTS TRS web console, which originates in the Nokia BTS TRS web console FTMW20FP22019.08.160010 version, that allows an unauthenticated, malicious user to bypass the...
CVE-2021-36563
The CheckMK management web console versions 1.5.0 to 2.0.0 does not sanitise user input in various parameters of the WATO module. This allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser such as JavaScript or other client-side scripts, the XSS...
PT-2021-11112 · Mimosa · Mimosa B5C +1
Name of the Vulnerable Software and Affected Versions: Mimosa B5, B5c, and C5x firmware versions through 2.8.0.2 Description: The web console for the affected firmware allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes. An attacker with access t...
Intellian Satellian Aptus Web Console Remote Code Execution Vulnerability
Intellian Satellian Aptus Web is a console system. A remote code execution vulnerability exists in the Intellian Satellian Aptus Web console. An attacker can execute arbitrary code on the target system by sending a malicious construct request to /cgi-bin/libagent.cgi using the Q field in the JSON...
Cross-Site Scripting (XSS)
web-console is vulnerable to cross-site scripting. The vulnerability, caused by missing X-Frame-Options and CSRF protections, in the oauth/token/request endpoint could allow a remote attacker to retrieve a token for CLI usage when using non default configs...
Denial of service
A vulnerability in the web console of the Cisco Cloud Services Platform CSP 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines VMs operating remotely on an affected CSP device. The vulnerability is due to weaknesses in the generation o...
Cisco Cloud Services Platform Unauthorized Access Vulnerability
Cloud Services Platform 2100 is a unified and optimized x86 software and hardware platform for virtualizing data center network functions. The Cisco Cloud Services Platform CSP 2100 operates with a security vulnerability in the implementation of the Web console that could allow an authenticated,...