|
268051
|
7.5 |
HIGH
Network
|
iodata
|
ts-wrlp_firmware
ts-wrla_firmware
|
I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2016-7814
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268052
|
6.1 |
MEDIUM
Network
|
emon-cms
|
deraemon-cms
|
Cross-site scripting vulnerability in DERAEMON-CMS version 0.8.9 and earlier allows remote attackers to inject arbitrary web script or HTML via the parameters hostname, database and username.
|
CWE-79
Cross-site Scripting
|
CVE-2016-7813
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268053
|
8.8 |
HIGH
Adjacent
|
corega
|
cg-wlr300nx_firmware
|
Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows an attacker on the same network segment to bypass access restriction to perform arbitrary operations via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2016-7811
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268054
|
4.8 |
MEDIUM
Network
|
corega
|
cg-wlr300nx_firmware
|
Cross-site scripting vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-7810
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268055
|
8.8 |
HIGH
Network
|
corega
|
cg-wlr300nx_firmware
|
Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver. 1.20 and earlier allows remote attackers to hijack the authentication of logged in user to conduct unintended opera…
|
CWE-352
Origin Validation Error
|
CVE-2016-7809
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268056
|
6.1 |
MEDIUM
Network
|
corega
|
cg-wlbaragm_firmware
cg-wlbargnl_firmware
|
Cross-site scripting vulnerability in Corega CG-WLBARGMH and CG-WLBARGNL allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2016-7808
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268057
|
7.5 |
HIGH
Network
|
iodata
|
wfs-sr01_firmware
|
I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors.
|
CWE-284
Improper Access Control
|
CVE-2016-7807
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268058
|
9.8 |
CRITICAL
Network
|
iodata
|
wfs-sr01_firmware
|
I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2016-7806
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268059
|
5.9 |
MEDIUM
Network
|
unisys
|
mobigate
|
The mobiGate App for Android version 2.2.1.2 and earlier and mobiGate App for iOS version 2.2.4.1 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attacke…
|
CWE-295
Improper Certificate Validation
|
CVE-2016-7805
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
268060
|
8.8 |
HIGH
Network
|
cybozu
|
garoon
|
SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function.
|
CWE-89
SQL Injection
|
CVE-2016-7803
|
2024-11-21 11:58 |
2017-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
