[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256488

 
 

909

 
 

199193

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 254723 Download | Alert*

A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication.

Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint.

An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.

DONG JOO CHO File Transfer iFamily 2.1 allows directory traversal related to the ./etc/ path.

The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function.

The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parameter of the Delete function.

The AirDisk Pro app 5.5.3 for iOS allows XSS via the devicename parameter (shown next to the UI logo).

Fifthplay S.A.M.I before 2019.3_HP2 allows unauthenticated stored XSS via a POST request.

The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization.

Nanometrics Centaur through 4.3.23 and TitanSMA through 4.2.20 mishandle access control for the syslog log.


Pages:      Start    13671    13672    13673    13674    13675    13676    13677    13678    13679    13680    13681    13682    13683    13684    ..   25472

© SecPod Technologies