FlexWATCH-Webs versions 2.2 (NTSC) and below suffer from an authorization bypass via double slashes and also a cross site scripting attack.
30f2d7d384b06c83532dccf7d1af6e57c41375c5a13abfadfe0e4861c59106a0
Gigabyte Broadband Router version Gn-B46B with firmware version 1.003.00 is vulnerable to a remote authorization bypass.
e3149a74a9c9b81c93c795bacc90d54e97eece5c31f0f9a3dd7a8c272d3b6b3f
A cross site scripting vulnerability exists in VBulletin.
63600b0f7b537ceec34e8b8deb78e268a56b5b031bfc20a99ff94bc21caef919
Oracle HTTP Server powered by Apache is susceptible to a cross site scripting attack in its isqlplus script.
748ac7cca1f921761e927eaa455cbf3fdf10094a39aecbc81e13aa6dc48834ec
NextPlace.com E-Commerce ASP engine is susceptible to a cross site scripting vulnerability.
2f8af53e9dfea6fe76abccd8960b5ec38f7d3444654525851e6ed78612f36c2e
Inrtra Forum is susceptible to a cross site scripting vulnerability.
ca0e46d20d49830a841e047a4df9766b3d3bd389d20c6872a8d8aeb7d6bf63c8
BWS or Borland Web Server, which is used as the Corel Paradox relational database interface, lacks input validation and is subject to directory traversal attacks. Versions 1.0b3 and below are affected.
8aa1c69b7c9c73d721abc38cc5f94f0d8119336e8aaff6c08fbd7a4b4880b3b7
Novell Netware Enterprise web server versions 5.1 and 6.0 are vulnerable to various cross site scripting, path dislosure, and directory listing attacks.
6fa6232eddd35425923014566186261bae4069faaff0f01545f187bf7e4f140e
The NetBus web server that comes as part of the trojan is susceptible to a directory listing and remote file upload vulnerability when a trailing / or ./ is appended to the URL.
a6237e6da8ad8b78741dec936856ce7e954fdb332dab3a0e635e29a581aafeca
Version 2.05 of the Freesco thttpd server is susceptible to a cross site scripting attack.
7586f60c26ce3791038b0f784a97cbdca327bb195524fa1e6f30051b6a45b9f4
GeoHttpServer is vulnerable to an authentication bypass and a denial of service attack.
faae912330fa19a378bed24073e7eb019129f317801a1925873ee8dc480e0be3
WebcamXP versions 1.06.945 is susceptible to a cross site scripting attack.
6f7ddb9ae2a81dc995c905640c0b63ca8f6977f311391f05756247ab0490786c
2Wire-Gateway is a router that has a webserver for maintenance. The CGI interface lacks input validation when returning an error with its return variable allowing for a directory traversal attack.
7d327c33155ca85a9c8ffbe857abf59b58c2dd8d41a1f071dd99da63cc51605a
OwnServer, a web server used for watching security cameras remotely, is susceptible to a directory traversal bug that allows a remote attacker to gain access to files outside of the webroot.
b32b6045df134cd7484a3ae7c2e8bfa669777d8d1b0a5b081d9961a173b87d02
When using the SNEWS protocol, Internet Explorer lacks its filtering engine and can trigger Outlook Express to be hit by a buffer overrun resulting in possible code execution.
b1c8758f7ae810befb59be9d3679bb31b88d48ffc8d5d5c14e2ef342f8769de7
NETCam webserver running NETCam Viewers 1.0.0.28 and below have a directory traversal bug that allows remote attackers to gain access to files outside of the webroot.
3033ef31ebe260b918d9f1e9177da16b936b0caa1f3b1065986e5ccaa17a5f85
ZyXEL10 OF ZyWALL Series Router is susceptible to a cross site scripting attack.
ee9f4824af384a671547c486d07eb46e1a295e1ffe39decf1e30901262c30b3b
EDIMAX AR-6004 Full Rate ADSL Router is susceptible to a cross site scripting attack.
e60dc46a7028812c72768187eebecb1750f580ea6cb9cc644981336ebebec558
SnapStream PVS LITE is susceptible to a cross site scripting attack.
97b08742f17b79738d2135f6e42fb6c4e09cbea0c66cd9aa29021fe5c822f5ba