1022 matches found
Belkin G Wireless Router 5.00.12 Password Hash Disclosure
+-----------------------------------------+ | Belkin G Wireless Router Admin Exploit. | +-----------------------------------------+ Firmware Version : 5.00.12 Sep 10 2009 19:54:12 Boot Version : 1.18 Hardware : F5D7234-4 v5 01 Author : Aodrulez. Email : [email protected] Twitter :...
Cross site request forgery (csrf)
The web interface in chumby one before 1.0.4 and chumby classic before 1.7.2 allows remote attackers to execute arbitrary commands via shell metacharacters in a request...
Directory traversal
Directory traversal vulnerability in a support component in the web interface in VMware Studio 2.0 public beta before build 1017-185256 allows remote attackers to upload files to arbitrary locations via unspecified vectors...
Sql injection
Eval injection vulnerability in the web interface plugin in KTorrent before 3.1.4 allows remote attackers to execute arbitrary PHP code via unspecified parameters to this interface's PHP scripts...
RemotelyAnywhere Cross Site Scripting
The remote RemotelyAnywhere web interface is vulnerable to a cross site scripting issue. Description : A vulnerability in RemotelyAnywhere's web interface allows a remote attacker to inject malicious text into the login screen, this can be used by an attacker to make the user do things he would...
CVE-2005-3040
Directory traversal vulnerability in the web interface ISALogin.dll for TAC Vista 4.0, and possibly other versions before 4.3, allows remote attackers to read arbitrary files via ".." sequences in the Template parameter...
CVE-2004-2071
Macallan Mail Solution 2.8.4.6 Build 260, and possibly earlier versions, allows remote attackers to bypass authentication in the web interface via an HTTP GET request with two slashes "//" after the server name...
CVE-2004-2606
The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled...
Pinnacle ShowCenter 1.51 - Web Interface Skin Denial of Service
source: https://www.securityfocus.com/bid/11232/info The Pinnacle Systems ShowCenter web-based interface is reported prone to a remote denial of service vulnerability. The issue exists due to a lack of sanity checks performed on the Skin parameter of a ShowCenter script. It is reported that the...
D-Link 704 DoS
Web-interface oversized requests DoS...
SurfControl Web Filter directory traversal
Directory traversal in web interface TCP/8888...
Communigate Pro directory traversal
Web interface directory traversal...
HP Procurve 4000M Switch - Device Reset Denial of Service
HP Procurve 4000M Switch - Device Reset Denial of Service source: https://www.securityfocus.com/bid/5784/info When multiple Procurve switches are used interconnected, it is common for an administrator to enable a feature allowing each switch to be viewed through a single interface, accessible via...
HP Compaq Insight Manager - Web Interface Cross-Site Scripting
HP Compaq Insight Manager - Web Interface Cross-Site Scripting source: https://www.securityfocus.com/bid/5780/info It has been reported that the Compaq Insight Manager web interface is prone to cross-site scripting attacks. It is possible to construct a malicious link to a Compaq Insight Manager...
CVE-2001-1039
The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer...
CVE-2001-0058
The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character...
Очередная дырка в IMAIL
Используя Web-интерефейс можно прикрепить локальный файл с сервера к письму пользователя...
CVE-2000-0557
Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to execute arbitrary commands via a long GET request...
CVE-2000-0443
The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. dot dot attack...
CVE-2000-0634
The web administration interface for CommuniGate Pro 3.2.5 and earlier allows remote attackers to read arbitrary files via a .. dot dot attack...