|
248391
|
7.5 |
HIGH
Network
|
dnatools
|
dnalims
|
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the…
|
CWE-22
Path Traversal
|
CVE-2017-6527
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248392
|
9.8 |
CRITICAL
Network
|
dnatools
|
dnalims
|
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi PO…
|
CWE-287
Improper Authentication
|
CVE-2017-6526
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248393
|
8.1 |
HIGH
Network
|
dahuasecurity
|
nvr_firmware
|
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Ma…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2017-6432
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248394
|
6.1 |
MEDIUM
Network
|
asus
|
rt-ac53_firmware
|
Cross-site scripting (XSS) vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6547
|
2024-11-21 12:29 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248395
|
6.1 |
MEDIUM
Network
|
wuhu_project
|
wuhu
|
Gargaj/wuhu through 2017-03-08 is vulnerable to a reflected XSS in wuhu-master/www_admin/users.php (id parameter).
|
CWE-79
Cross-site Scripting
|
CVE-2017-6544
|
2024-11-21 12:29 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248396
|
7.3 |
HIGH
Local
|
tenable
|
nessus
appliance
|
Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be writ…
|
NVD-CWE-noinfo
|
CVE-2017-6543
|
2024-11-21 12:29 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248397
|
6.1 |
MEDIUM
Network
|
webpagetest_project
|
webpagetest
|
Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data (benchmark, time) passed to the webpagete…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6541
|
2024-11-21 12:29 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248398
|
6.1 |
MEDIUM
Network
|
webpagetest_project
|
webpagetest
|
Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data (configs) passed to the webpagetest-maste…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6540
|
2024-11-21 12:29 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248399
|
6.1 |
MEDIUM
Network
|
webpagetest_project
|
webpagetest
|
Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data (benchmark, time) passed to the webpagete…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6539
|
2024-11-21 12:29 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248400
|
6.1 |
MEDIUM
Network
|
webpagetest_project
|
webpagetest
|
A Cross-Site Scripting (XSS) issue was discovered in webpagetest 3.0. The vulnerability exists due to insufficient filtration of user-supplied data (video) passed to the webpagetest-master/www/speedi…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6538
|
2024-11-21 12:29 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
