71 matches found
EUVD-2018-6772
Malware in sbrugna...
EUVD-2019-11031
Malware in sbrugna...
EUVD-2003-1599
Malware in sbrugna...
EUVD-2014-9809
Malware in sbrugna...
EUVD-2017-6339
Malware in sbrugna...
EUVD-2018-7992
Malware in sbrugna...
EUVD-2008-6991
Malware in sbrugna...
EUVD-2023-28482
Malicious code in bioql PyPI...
CVE-2014-125118
A command injection vulnerability exists in the eScan Web Management Console version 5.5-2. The application fails to properly sanitize the 'pass' parameter when processing login requests to login.php, allowing an authenticated attacker with a valid username to inject arbitrary commands via a...
CVE-2014-125118
A command injection vulnerability exists in the eScan Web Management Console version 5.5-2. The application fails to properly sanitize the 'pass' parameter when processing login requests to login.php, allowing an authenticated attacker with a valid username to inject arbitrary commands via a...
CVE-2014-125118 eScan 5.5-2 Web Management Console Command Injection
A command injection vulnerability exists in the eScan Web Management Console version 5.5-2. The application fails to properly sanitize the 'pass' parameter when processing login requests to login.php, allowing an authenticated attacker with a valid username to inject arbitrary commands via a...
CVE-2014-125118 eScan 5.5-2 Web Management Console Command Injection
A command injection vulnerability exists in the eScan Web Management Console version 5.5-2. The application fails to properly sanitize the 'pass' parameter when processing login requests to login.php, allowing an authenticated attacker with a valid username to inject arbitrary commands via a...
CVE-2014-125118
CVE-2014-125118 affects eScan Web Management Console 5.5-2. The flaw is a command-injection in login.php where the pass parameter isn’t properly sanitized, enabling an authenticated attacker with a valid username to inject commands and achieve remote code execution. Privilege escalation to root v...
PT-2025-31209 · Undefined · Undefined
A command injection vulnerability exists in the eScan Web Management Console version 5.5-2. The application fails to properly sanitize the 'pass' parameter when processing login requests to login.php, allowing an authenticated attacker with a valid username to inject arbitrary commands via a...
CVE-2023-24464
Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01...
CVE-2019-20486
An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple pages setup.cgi and advindex.htm within the web management console are vulnerable to stored XSS, as demonstrated by the configuration of the UI language...
The vulnerability of the web management console of the IP-ATC Agat CU-7214, related to the lack of measures taken to protect the SQL query structure, allows a hacker to execute arbitrary SQL code.
The vulnerability of the IP-ATC Agat CU-7214 web management console relates to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a remote attacker to execute arbitrary SQL code...
CVE-2023-24464
Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01...
PT-2023-19622 · Unknown +4 · Bs-Gs2024P +5
Name of the Vulnerable Software and Affected Versions: BS-GS2008 firmware versions 1.0.10.01 and earlier BS-GS2016 firmware versions 1.0.10.01 and earlier BS-GS2024 firmware versions 1.0.10.01 and earlier BS-GS2048 firmware versions 1.0.10.01 and earlier BS-GS2008P firmware versions 1.0.10.01 and...
CVE-2023-24464
CVE-2023-24464 is a stored cross-site scripting vulnerability in Buffalo network devices (BS-GS2008/2016/2024/2048 and their “P” variants; firmware 1.0.10.01 and earlier). The underlying issue is a stored XSS in the web management console that allows an attacker with access to the management UI t...