|
255421
|
5.4 |
MEDIUM
Network
|
axesstel
|
mu553s_firmware
|
On the Axesstel MU553S MU55XS-V1.14, there is a Stored Cross Site Scripting vulnerability in the APN parameter under the "Basic Settings" page.
|
CWE-79
Cross-site Scripting
|
CVE-2017-13724
|
2024-11-21 12:11 |
2017-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255422
|
9.8 |
CRITICAL
Network
|
lexmark
|
scan_to_network
|
Lexmark Scan To Network (SNF) 3.2.9 and earlier stores network configuration credentials in plaintext and transmits them in requests, which allows remote attackers to obtain sensitive information via…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-13771
|
2024-11-21 12:11 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255423
|
5.4 |
MEDIUM
Network
|
wibu
|
codemeter
|
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter before 6.50b allows remote attackers to inject arbitrary web script or HTML via the …
|
CWE-79
Cross-site Scripting
|
CVE-2017-13754
|
2024-11-21 12:11 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255424
|
8.8 |
HIGH
Network
|
twsz
|
wifi_repeater_firmware
|
T&W WIFI Repeater BE126 allows remote authenticated users to execute arbitrary code via shell metacharacters in the user parameter to cgi-bin/webupg.
|
CWE-78
OS Command
|
CVE-2017-13713
|
2024-11-21 12:11 |
2017-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255425
|
7.5 |
HIGH
Network
|
qemu
debian
|
qemu
debian_linux
|
Use-after-free vulnerability in the sofree function in slirp/socket.c in QEMU (aka Quick Emulator) allows attackers to cause a denial of service (QEMU instance crash) by leveraging failure to properl…
|
CWE-416
Use After Free
|
CVE-2017-13711
|
2024-11-21 12:11 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255426
|
7.8 |
HIGH
Local
|
symantec
|
proxyclient
|
Symantec ProxyClient 3.4 for Windows is susceptible to a privilege escalation vulnerability. A malicious local Windows user can, under certain circumstances, exploit this vulnerability to escalate th…
|
NVD-CWE-noinfo
|
CVE-2017-13674
|
2024-11-21 12:11 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255427
|
5.5 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
QEMU (aka Quick Emulator), when built with the VGA display emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) via vector…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13672
|
2024-11-21 12:11 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255428
|
9.8 |
CRITICAL
Network
|
vxsearch
|
vx_search
|
Buffer overflow in the web server service in VX Search Enterprise 10.0.14 allows remote attackers to execute arbitrary code via a crafted GET request.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-13708
|
2024-11-21 12:11 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255429
|
6.5 |
MEDIUM
Network
|
blackcat-cms
|
blackcat_cms
|
In BlackCat CMS 1.2, remote authenticated users can upload any file via the media upload function in backend/media/ajax_upload.php, as demonstrated by a ZIP archive that contains a .php file.
|
NVD-CWE-noinfo
|
CVE-2017-13670
|
2024-11-21 12:11 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255430
|
7.5 |
HIGH
Network
|
eyesofnetwork
|
eyesofnetwork
|
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows directory traversal attacks for reading arbitrary files via the module/admin_conf/download.php file parameter.
|
CWE-22
Path Traversal
|
CVE-2017-13780
|
2024-11-21 12:11 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
