[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 7884 Download | Alert*

SolarWinds TFTP Server allows remote attackers to cause a denial of service (crash) via a long write request.

Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product.

UHP UHP-100,, and 3.4.3 devices allow XSS via cw2?td= (Site Name field of the Site Setup section).

Ruckus ZoneFlex R310 devices allow Stored XSS via the SSID field on the Configuration > Radio 2.4G > Wireless X screen (after a successful login to the super account).

UHP UHP-100,, and 3.4.3 devices allow XSS via cB3?ta= (profile title).

Evoko Home 1.31 devices allow remote attackers to obtain sensitive information (such as usernames and password hashes) via a WebSocket request, as demonstrated by the sockjs/224/uf1psgff/websocket URI at a wss:// URL.

KMS Controls BAC-A1616BC BACnet devices have a cleartext password of snowman in the BACKDOOR_NAME variable in the BC_Logon.swf file.

Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, backup.asp, sys-power.asp, ifaces-wls.asp, ifaces-wls-pkt.asp, and ifaces-wls-pkt-adv.asp.

Evoko Home 1.31 devices provide different error messages for failed login requests depending on whether the username is valid.

An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB The login page responds with JavaScript when one tries to authenticate. An attacker who changes the result parameter (to true) in this JavaScript code can bypass authentication and achieve limited privileges (ability to see every option but not modify them).

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   788

© SecPod Technologies