CVE-2025-62757

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...

CVE-2025-62757

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...

CVE-2025-62757 WordPress WebMan Amplifier plugin <= 1.5.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12...

CVE-2025-62757 WordPress WebMan Amplifier plugin <= 1.5.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier webman-amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through = 1.5.12...

CVE-2025-62757

CVE-2025-62757 : WordPress WebMan Amplifier vulnerability in which WebMan Amplifier

EUVD-2025-205920

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebMan Design | Oliver Juhas WebMan Amplifier allows DOM-Based XSS.This issue affects WebMan Amplifier: from n/a through 1.5.12...

WordPress WebMan Amplifier plugin <= 1.5.12 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin WebMan Amplifier versions = 1.5.12...

PT-2025-54311

Name of the Vulnerable Software and Affected Versions WebMan Amplifier versions through 1.5.12 Description A flaw exists in WebMan Amplifier that allows for DOM-Based Cross-site Scripting XSS. This issue occurs due to improper neutralization of input during web page generation. The vulnerability...

WordPress plugin WebMan Amplifier 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2023-34849

An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1...

CVE-2023-34849

An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1...

CVE-2023-34849

An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1...

IKuai OS 命令注入漏洞

IKuai OS is an operating system from the Chinese company IKuai. It provides a powerful set of gateways, DPI-based traffic shaping, AC control, and portal authentication features that can increase capital efficiency by reducing initial installation costs. IKuai OS version 3.7.1 suffers from a...

PT-2023-25031 · Ikuai · Ikuai Router Os

Name of the Vulnerable Software and Affected Versions: Ikuai router OS versions through 3.7.1 Description: An unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file. This issue allows for command injection, potentially leading to unauthorized access...

Synology DiskStation Manager - smart.cgi Remote Command Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x.freeze def initializeinfo = super updateinfo info, 'Name' = 'Synology DiskStation...

Synology DiskStation Manager smart.cgi - Remote Command Execution

This Metasploit module exploits a vulnerability found in Synology DiskStation Manager DSM versions prior to 5.2-5967-5... This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d...

Synology DiskStation Manager smart.cgi Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule \d+&minor=?\d+&build=?\d+ &junior=\d+&unique=synology\w+?^&+/x.freeze def initializeinfo = super updateinfo info, 'Name' = 'Synology DiskStation...

Synology DiskStation Manager (DSM) 6.1.3-15152 - forget_passwd.cgi User Enumeration

Synology DiskStation Manager DSM 6.1.3-15152 - forgetpasswd.cgi User Enumeration Exploit Title: Synology DiskStation Manager DSM 6.1.3-15152 - 'forgetpasswd.cgi' User Enumeration Date: 01/05/2018 Exploit Author: Steve Kaun Vendor Homepage: https://www.synology.com Version: Before 6.1.3-15152 CVE ...

Synology StorageManager 5.2 - Root Remote Command Execution

Synology StorageManager 5.2 - Root Remote Command Execution ''' SSD Advisory – Synology StorageManager smart.cgi Remote Command Execution Full report: https://blogs.securiteam.com/index.php/archives/3540 Twitter: @SecuriTeamSSD Weibo: SecuriTeamSSD Vulnerability Summary The following advisory...

Synology DiskStation Manager SLICEUPLOAD Code Execution (CVE-2013-6955)

An arbitrary file upload vulnerability exists in Synology DiskStation Manager. The vulnerability exists in webman/imageSelector.cgi. A remote unauthenticated attacker can append data to files by sending specially crafted HTTP requests to the server and execute arbitrary code through that...