Skip to content

Home Early Warning System Issues
Issues
sNews CMS v1.7.1 Remote Command Execution / CSRF / XSS
Monday, 20 June 2016 17:23

Multiple vulneratbilities were reported in sNews CMS v1.7.1. A remote user can perform Command Execution, CSRF and XSS attacks. The project is no longer active since 2011. No solution available at this time of entry.

 
Authentication bypass in Ceragon FibeAir IP-10 web interface (
Friday, 17 June 2016 17:10

Ceragon FibeAir IP-10 devices do not properly ensure that a user has authenticated before granting them access to the web interface of the device. An attacker can add their own user account with full admin privileges through manipulation of cookie. No solution was available at the time of this entry.

 
Cisco Small Business RV110W/RV130W/RV215W Series multiple vulnerabilities
Friday, 17 June 2016 17:08

Four vulnerabilities were reported in Cisco Small Business RV110W/RV130W/RV215W Series routers. A remote user can execute arbitrary code, conduct cross-site scripting attacks, and cause the target system to reload. No solution was available at the time of this entry.

 
Apache Struts ActionForm and Validator multiple bugs
Friday, 10 June 2016 16:58

Several vulnerabilities were reported in Apache Struts. A remote user can cause denial of service conditions on the target system, execute arbitrary code and obtain potentially sensitive information. No solution was available at the time of this entry. The product has reached End of Life status.

 
Intuit QuickBooks File Processing Flaw leads to Arbitrary Code Execution
Thursday, 12 May 2016 17:14

A vulnerability was reported in QuickBooks. A remote user can cause arbitrary SQL statements and arbitrary operating system commands to be executed on the target user's system. No solution was available at the time of this entry.

 
<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 7 of 141
[YOUR IP : 34.204.52.4: 45690] ...   [YOUR BROWSER: CCBot/2.0 (https://commoncrawl.org/faq/)] ...