CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2014-0397

Malware in sbrugna...

9CVSS6.4AI score0.01139EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-0396

Malware in sbrugna...

7.8CVSS6.4AI score0.15531EPSS

Exploits0References2

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-16296 Malicious code in buffer-xnr (npm)

The package buffer-xnr was found to contain malicious code...

7.2AI score

Exploits0

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in buffer-xnr (npm)

The package buffer-xnr was found to contain malicious code...

7AI score

Exploits0

Github Security Blog•added 2020/09/03 9:57 p.m.•17 views

Malicious Package in buffer-xnr

Version 2.0.2 contained malicious code. The package targeted the Ethereum cryptocurrency and performed transactions to wallets not controlled by the user. Recommendation Remove the package from your environment. Ensure no Ethereum funds were compromised...

4.4AI score

Exploits0References2Affected Software1

NVD•added 2014/04/15 10:55 a.m.•10 views

CVE-2014-0359

Xangati XSR before 11 and XNR before 7 allows remote attackers to execute arbitrary commands via shell metacharacters in a guiinputtest.pl params parameter to servlet/Installer...

9CVSS7.6AI score0.01139EPSS

Exploits0References1

NVD•added 2014/04/15 10:55 a.m.•9 views

CVE-2014-0358

Multiple directory traversal vulnerabilities in Xangati XSR before 11 and XNR before 7 allow remote attackers to read arbitrary files via a .. dot dot in 1 the file parameter in a getUpgradeStatus action to servlet/MGConfigData, 2 the download parameter in a download action to servlet/MGConfigDat...

7.8CVSS6.9AI score0.15531EPSS

Exploits0References1

Prion•added 2014/04/15 10:55 a.m.•11 views

Design/Logic Flaw

Xangati XSR before 11 and XNR before 7 allows remote attackers to execute arbitrary commands via shell metacharacters in a guiinputtest.pl params parameter to servlet/Installer...

9CVSS8.2AI score0.01139EPSS

Exploits0References1

Prion•added 2014/04/15 10:55 a.m.•18 views

Directory traversal

7.8CVSS7.4AI score0.15531EPSS

Exploits0References1

Cvelist•added 2014/04/15 10:0 a.m.•19 views

CVE-2014-0358

6.9AI score0.15531EPSS

Exploits0References1

CVE•added 2014/04/15 10:0 a.m.•41 views

CVE-2014-0358

CVE-2014-0358 affects Xangati XSR before 11 and XNR before 7, with multiple directory traversal vulnerabilities allowing remote attackers to read arbitrary files via ../ in parameters for actions on MGConfigData, Installer, or related endpoints. The root cause is improper input validation of file...

7.8CVSS7AI score0.15531EPSS

Exploits0References1Affected Software2

CVE•added 2014/04/15 10:0 a.m.•52 views

CVE-2014-0359

The CVE-2014-0359 issue affects Xangati XSR before 11 and XNR before 7, where an attacker can remotely execute arbitrary commands through shell metacharacters in the params parameter of gui_input_test.pl used by the servlet/Installer. The root cause is insufficient input validation that allows co...

9CVSS7.9AI score0.01139EPSS

Exploits0References1Affected Software2

exploitpack•added 2014/04/14 12:0 a.m.•22 views

Xangati - servletInstaller?file Directory Traversal

Xangati - servletInstaller?file Directory Traversal source: https://www.securityfocus.com/bid/66817/info Xangati XSR And XNR are prone to a multiple directory-traversal vulnerabilities. A remote attacker could exploit these vulnerabilities using directory-traversal characters '../' to access or...

0.5AI score

Exploits0

exploitpack•added 2014/04/14 12:0 a.m.•10 views

Xangati XSR XNR - gui_input_test.pl Remote Command Execution

Xangati XSR XNR - guiinputtest.pl Remote Command Execution source: https://www.securityfocus.com/bid/66819/info Xangati XSR And XNR are prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input data. An attacker may leverage this...

0.1AI score

Exploits0

Exploit DB•added 2014/04/14 12:0 a.m.•21 views

Xangati - '/servlet/Installer?file' Directory Traversal

source: https://www.securityfocus.com/bid/66817/info Xangati XSR And XNR are prone to a multiple directory-traversal vulnerabilities. A remote attacker could exploit these vulnerabilities using directory-traversal characters '../' to access or read arbitrary files that contain sensitive...

7.4AI score

Exploits0

exploitpack•added 2014/04/14 12:0 a.m.•13 views

Xangati - servletMGConfigData Multiple Directory Traversals

Xangati - servletMGConfigData Multiple Directory Traversals source: https://www.securityfocus.com/bid/66817/info Xangati XSR And XNR are prone to a multiple directory-traversal vulnerabilities. A remote attacker could exploit these vulnerabilities using directory-traversal characters '../' to...

0.5AI score

Exploits0

CERT•added 2014/04/14 12:0 a.m.•38 views

Xangati software release contains relative path traversal and command injection vulnerabilities

Overview Xangati's software release contains relative path traversal CWE-23 and command injection CWE-78 vulnerabilities. Description Xangati's software release contains relative path traversal CWE-23 and command injection CWE-78 vulnerabilities.CWE-23: Relative Path Traversal -CVE-2014-0358 The...

9CVSS6.9AI score0.15531EPSS

Exploits0References3

Exploit DB•added 2014/04/14 12:0 a.m.•19 views

Xangati XSR / XNR - 'gui_input_test.pl' Remote Command Execution

source: https://www.securityfocus.com/bid/66819/info Xangati XSR And XNR are prone to a remote command-execution vulnerability because the application fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary commands in the context of the...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by