Multiple TP-Link devices suffer from an unauthenticated persistent cross site scripting vulnerability. Affected models include TD-W9977, TL-WA801ND, TL-WA801N, TL-WR802N, and Archer-C3150.
1da398afccf3fc2ba6162181e5e7b91a
Unibox version 2.4 suffers from remote code execution and cross site request forgery vulnerabilities.
0d9c1908b02b93829d56268f4e5a5330
Various Unibox products suffers from a cross site request forgery vulnerability.
f4a13dbef7fa744bc2d7fb564747eaea
A denial of service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the remote code execution on the device.
3634f2043d52856b3dc8fee6e53be5da
Raisecom Technology GPON-ONU HT803G-07 suffers from an authenticated command injection vulnerability in the newpass and confpass parameters in /bin/WebMGR.
96852f7edee55b1d7fe41b06c5100e95
Raisecom Technology GPON-ONU HT803G-07 suffers from an authenticated command injection vulnerability in the fmgpon_loid parameter.
a7b4b967b526835e031e08633772389a
SYSTORME ISG products ISG-600C, ISG-600H, and ISG-800W suffer from an authenticated command injection vulnerability.
2b900c12b8546c4e8e5c9f117e930eb6
SYSTORME ISG products ISG-600C, ISG-600H, and ISG-800W suffer from a cross site request forgery vulnerability.
d5e0c75c7f7c7d6ee5d9b1c51cadf251
A stack overflow vulnerability has been identified in multiple Skyworth GPON HomeGateways and Optical Network terminals. Affected products include 1.DT741 Converged Intelligent Terminal (G/EPON+IPTV), 2.DT741 Converged Intelligent Terminal (G/EPON+IPTV), 3.DT721-cb GPON uplink home gateway (GPON+2FE+1POTS), 4.DT721-cb GPON Uplink Home Gateway (GPON+2FE+1POTS), 5.DT741-cb GPON uplink home gateway (GPON+4FE+1POTS+WIFI+USB), 6.DT741-cb GPON Uplink Home Gateway (GPON+4FE+1POTS+WIFI+USB), and 7.DT741-cbGPON uplink home gateway DT741-cb.
de912c87729b8b98ea82b52200e61947
Manage Engine OPutils version 8.0 suffers from an authorization bypass vulnerability due to a missing function level access control.
33975dda3e20de9f77b37db8e8b804cb
Manage Engine OPutils version 8.0 suffers from a privilege escalation vulnerability.
ddd1dfdab1ec43b051037edad0b026e9
Manage Engine OPutils version 8.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
da0b63310ce05af56ec547821e62bb2c
ManageEngine Network Configuration Management build version 11000 suffers from a privilege escalation vulnerability.
721f8a3a32e703192c42c95a2ac482cc
ManageEngine Network Configuration Management build 11000 suffers from a cross site request forgery vulnerability.
f9c1968f467ae9126fb372c962dd3e1b
WordPress Ad Buttons plugin version 2.3.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
e852b9ba527e9d29868c110941c97701
WordPress Ultimate Profile Builder plugin version 2.3.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
b3f5807199cf9c2264400f6b795a374e
WordPress ClickBank Ads plugin version 1.7 suffers from cross site request forgery and cross site scripting vulnerabilities.
854d8aa6e035bc9bb841486fbf2431f7
Manage Engine Asset Explorer version 6.10 build 6110 suffers from cross site request forgery and persistent cross site scripting vulnerabilities.
a8ea4e7d7e34c2ce795986ac29c3b9dc
WordPress Ad Inserter plugin version 1.5.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
97567eb9adf2f8df4eb066de7d468e3c
WordPress Embed-Articles plugin version 7.0.3 suffers from cross site request forgery and cross site scripting vulnerabilities.
ef1c75d6c95a9725753213ca9c3d7940
WordPress WP Statistics plugin version 9.1.2 suffers from stored cross site scripting vulnerabilities.
ed1090d2a309cf94eb64607f6b91474e
WordPress AB Google Map Travel (AB-MAP) plugin version 4.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
4e136df0edf911a0cfccfb3f4ad7a168
Manage Engine Device Expert version 5.9.9.0 suffers from a reflective cross site scripting vulnerability.
f74cd28cfe9efd5be51456c3a60bd809
ManageEngine Network Configuration Management suffers from a cross site request forgery vulnerability.
758c46f5ea5bd4b20d2dbbaa4a25d4a5
Manage Engine Device Expert version 5.9.9.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
0c28afbd1b355f909ade578987e45261