|
266131
|
7.4 |
HIGH
Network
|
kddi
|
home_spot_cube_firmware
|
Open redirect vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
NVD-CWE-Other
|
CVE-2016-1137
|
2024-11-21 11:45 |
2016-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266132
|
5.4 |
MEDIUM
Network
|
kddi
|
home_spot_cube_firmware
|
Cross-site scripting (XSS) vulnerability on KDDI HOME SPOT CUBE devices before 2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-1136
|
2024-11-21 11:45 |
2016-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266133
|
6.1 |
MEDIUM
Network
|
buffalotech
|
wmr-300_firmware
wex-300_firmware
wmr-433_firmware
bhr-4grv2_firmware
whr-300hp2_firmware
whr-1166dhp_firmware
whr-600d_firmware
wsr-1166dhp_firmware
|
Cross-site scripting (XSS) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and earlie…
|
CWE-79
Cross-site Scripting
|
CVE-2016-1135
|
2024-11-21 11:45 |
2016-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266134
|
8.8 |
HIGH
Network
|
buffalotech
|
whr-1166dhp_firmware
whr-300hp2_firmware
wmr-300_firmware
bhr-4grv2_firmware
wex-300_firmware
whr-600d_firmware
wmr-433_firmware
wsr-1166dhp_firmware
|
Cross-site request forgery (CSRF) vulnerability on BUFFALO BHR-4GRV2 devices with firmware 1.04 and earlier, WEX-300 devices with firmware 1.90 and earlier, WHR-1166DHP devices with firmware 1.90 and…
|
CWE-352
Origin Validation Error
|
CVE-2016-1134
|
2024-11-21 11:45 |
2016-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266135
|
9.1 |
CRITICAL
Network
|
seeds
|
acmailer
|
Seeds acmailer before 3.8.21 and 3.9.x before 3.9.15 Beta allows remote authenticated users to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2016-1142
|
2024-11-21 11:45 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266136
|
3.7 |
LOW
Network
|
dena
|
h2o
|
CRLF injection vulnerability in the on_req function in lib/handler/redirect.c in H2O before 1.6.2 and 1.7.x before 1.7.0-beta3 allows remote attackers to inject arbitrary HTTP headers and conduct HTT…
|
NVD-CWE-Other
|
CVE-2016-1133
|
2024-11-21 11:45 |
2016-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266137
|
7.8 |
HIGH
Local
|
dx_library_project
|
dx_library
|
Buffer overflow in the CL_vsprintf function in Takumi Yamada DX Library before 3.16 allows remote attackers to execute arbitrary code via a crafted string.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2016-1131
|
2024-11-21 11:45 |
2016-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266138
|
6.1 |
MEDIUM
Network
|
pojo
|
activity_log
|
The aryo-activity-log plugin before 2.3.2 for WordPress has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2016-10890
|
2024-11-21 11:44 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266139
|
9.8 |
CRITICAL
Network
|
tipsandtricks-hq
|
all_in_one_wp_security_\&_firewall
|
The all-in-one-wp-security-and-firewall plugin before 4.0.7 for WordPress has multiple SQL injection issues.
|
CWE-89
SQL Injection
|
CVE-2016-10888
|
2024-11-21 11:44 |
2019-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266140
|
9.8 |
CRITICAL
Network
|
tipsandtricks-hq
|
all_in_one_wp_security_\&_firewall
|
The all-in-one-wp-security-and-firewall plugin before 4.0.9 for WordPress has multiple SQL injection issues.
|
CWE-89
SQL Injection
|
CVE-2016-10887
|
2024-11-21 11:44 |
2019-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
