9 matches found
EUVD-2012-5245
Malware in sbrugna...
EUVD-2012-5246
Malware in sbrugna...
CVE-2012-5322
Multiple cross-site scripting XSS vulnerabilities in Xavi X7968 allow remote attackers to inject arbitrary web script or HTML via the 1 pvcName parameter to webconfig/wan/confirm.html/confirm or 2 hostnametxtbox parameter to webconfig/lan/lanconfig.html/locallanconfig...
CVE-2012-5323
Cross-site request forgery CSRF vulnerability in webconfig/adminpasswd/passwd.html/adminpasswd in Xavi X7968 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysUserName, sysPassword, and sysCfmPwd parameters...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in webconfig/adminpasswd/passwd.html/adminpasswd in Xavi X7968 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysUserName, sysPassword, and sysCfmPwd parameters...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Xavi X7968 allow remote attackers to inject arbitrary web script or HTML via the 1 pvcName parameter to webconfig/wan/confirm.html/confirm or 2 hostnametxtbox parameter to webconfig/lan/lanconfig.html/locallanconfig...
CVE-2012-5323
Cross-site request forgery CSRF vulnerability in webconfig/adminpasswd/passwd.html/adminpasswd in Xavi X7968 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysUserName, sysPassword, and sysCfmPwd parameters...
CVE-2012-5323
Affected : Xavi X7968 router (webconfig/admin_passwd/passwd.html/admin_passwd). Vulnerability : Cross-site request forgery (CSRF) that allows remote attackers to hijack/alter administrator passwords by submitting requests containing sysUserName, sysPassword, and sysCfmPwd parameters. Root cause :...
CVE-2012-5322
The CVE-2012-5322 entry concerns a Xavi X7968 device with multiple XSS flaws. The vulnerabilities allow remote attackers to inject arbitrary web script or HTML through two parameters: pvcName in webconfig/wan/confirm.html/confirm and host_name_txtbox in webconfig/lan/lan_config.html/local_lan_con...