16822 matches found
Qualitia Active! Mail Web Interface Detection
Binary data qualitiaactivemailwebdetect.nbin...
Linux Distros Unpatched Vulnerability : CVE-2018-6054
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebUI in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension...
CVE-2025-8415
A vulnerability was found in the Cryostat HTTP API. Cryostat's HTTP API binds to all network interfaces, allowing possible external visibility and access to the API port if Network Policies are disabled, allowing an unauthenticated, malicious attacker to jeopardize the environment...
CVE-2025-20269
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device. This vulnerabili...
CVE-2025-20269
The CVE-2025-20269 issue affects Cisco EPNM and Cisco Prime Infrastructure web-based management interfaces. Root cause: insufficient input validation for specific HTTP requests, enabling an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the device’s file system. I...
CVE-2012-10061
Sockso Music Host Server versions = 1.5 are vulnerable to a path traversal flaw that allows unauthenticated remote attackers to read arbitrary files from the server’s filesystem. The vulnerability exists in the HTTP interface on port 4444, where the endpoint /file/ fails to properly sanitize...
CVE-2010-20059
FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The execraw.php script exposes a cmd parameter that is passed directly to the underlying shell without sanitation...
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Sensitive Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, low-privileged, remote attacker to retrieve arbitrary files from the underlying file system on an affected device. This vulnerabili...
CVE-2012-10061
Sockso Music Host Server
CVE-2010-20059
FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The execraw.php script exposes a cmd parameter that is passed directly to the underlying shell without sanitation...
CVE-2010-20059 FreeNAS < 0.7.2 rev 5543 exec_raw.php Arbitrary Command Execution
FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in its web interface. The execraw.php script exposes a cmd parameter that is passed directly to the underlying shell without sanitation...
CVE-2010-20059
CVE-2010-20059 affects FreeNAS 0.7.2 prior to revision 5543. The vulnerability arises in the web interface’s exec_raw.php where an unauthenticated cmd parameter is passed directly to the shell without sanitization, enabling remote command execution. Impact is substantial: arbitrary commands execu...
CVE-2025-9225
Stored cross-site scripting XSS in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser...
CVE-2025-9225
CVE-2025-9225 affects MiR software prior to 3.0.0 in MiR Robots and MiR Fleet. The issue is a stored cross-site scripting (XSS) in the web interface, enabling execution of arbitrary JavaScript in a victim’s browser. Root cause details are not elaborated beyond the XSS attribution in multiple sour...
CVE-2025-9225 Cross-site scripting (XSS) in MiR robots and MiR fleet
Stored cross-site scripting XSS in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser...
CVE-2025-9225 Cross-site scripting (XSS) in MiR robots and MiR fleet
Stored cross-site scripting XSS in the web interface of MiR software versions prior to 3.0.0 on MiR Robots and MiR Fleet allows execution of arbitrary JavaScript code in a victim’s browser...
PT-2025-33906 · Mir · Mir
Name of the Vulnerable Software and Affected Versions: MiR software versions prior to 3.0.0 Description: Stored cross-site scripting in the web interface allows execution of arbitrary JavaScript code in a victim’s browser. Recommendations: Update MiR software to version 3.0.0 or later...
iXsystems FreeNAS 安全漏洞
Ixsystems iXsystems FreeNAS is an open source storage operating system from Ixsystems Inc. in the United States. A security vulnerability exists in iXsystems FreeNAS version 0.7.2, which originates from a web interface that contains an unauthenticated command execution backdoor that could lead to...
Sockso Music Host Server 安全漏洞
Sockso Music Host Server is a music streaming media player from the individual developer Rhodri Pugh. A security vulnerability exists in Sockso Music Host Server version 1.5 and earlier, which stems from a path traversal vulnerability in the HTTP interface that could lead to reading arbitrary fil...
PT-2025-34116 · Cisco · Cisco Evolved Programmable Network Manager +1
Name of the Vulnerable Software and Affected Versions: Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure affected versions not specified Description: A vulnerability exists in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and...