|
249601
|
9.8 |
CRITICAL
Network
|
ftpshell
|
ftpshell_client
|
Remote Code Execution was discovered in FTPShell Client 6.53. By default, the client sends a PWD command to the FTP server it is connecting to; however, it doesn't check the response's length, leadin…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6465
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249602
|
8.8 |
HIGH
Network
|
dnatools
|
dnalims
|
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to session hijacking by guessing the UID parameter.
|
CWE-613
Insufficient Session Expiration
|
CVE-2017-6529
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249603
|
8.1 |
HIGH
Network
|
dnatools
|
dnalims
|
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is affected by plaintext password storage (the /home/dna/spool/.pfile file).
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-6528
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249604
|
7.5 |
HIGH
Network
|
dnatools
|
dnalims
|
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the…
|
CWE-22
Path Traversal
|
CVE-2017-6527
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249605
|
9.8 |
CRITICAL
Network
|
dnatools
|
dnalims
|
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell (cgi-bin/dna/sysAdmin.cgi PO…
|
CWE-287
Improper Authentication
|
CVE-2017-6526
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249606
|
8.1 |
HIGH
Network
|
dahuasecurity
|
nvr_firmware
|
An issue was discovered on Dahua DHI-HCVR7216A-S3 3.210.0001.10 build 2016-06-06 devices. The Dahua DVR Protocol, which operates on TCP Port 37777, is an unencrypted, binary protocol. Performing a Ma…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2017-6432
|
2024-11-21 12:29 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249607
|
6.1 |
MEDIUM
Network
|
asus
|
rt-ac53_firmware
|
Cross-site scripting (XSS) vulnerability in httpd on ASUS RT-N56U, RT-N66U, RT-AC66U, RT-N66R, RT-AC66R, RT-AC68U, RT-AC68R, RT-N66W, RT-AC66W, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC68P, RT-N11P, RT-N12…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6547
|
2024-11-21 12:29 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249608
|
6.1 |
MEDIUM
Network
|
wuhu_project
|
wuhu
|
Gargaj/wuhu through 2017-03-08 is vulnerable to a reflected XSS in wuhu-master/www_admin/users.php (id parameter).
|
CWE-79
Cross-site Scripting
|
CVE-2017-6544
|
2024-11-21 12:29 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249609
|
7.3 |
HIGH
Local
|
tenable
|
nessus
appliance
|
Tenable Nessus before 6.10.2 (as used alone or in Tenable Appliance before 4.5.0) was found to contain a flaw that allowed a remote, authenticated attacker to upload a crafted file that could be writ…
|
NVD-CWE-noinfo
|
CVE-2017-6543
|
2024-11-21 12:29 |
2017-03-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249610
|
6.1 |
MEDIUM
Network
|
webpagetest_project
|
webpagetest
|
Multiple Cross-Site Scripting (XSS) issues were discovered in webpagetest 3.0. The vulnerabilities exist due to insufficient filtration of user-supplied data (benchmark, time) passed to the webpagete…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6541
|
2024-11-21 12:29 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
