|
213101
|
6.1 |
MEDIUM
Network
|
ericsson
|
active_library_explorer
|
XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demonstrated by the DB, FN, fn, or id parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7417
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213102
|
6.1 |
MEDIUM
Network
|
opentext
|
documentum_webtop
|
XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable.
|
CWE-79
CWE-601
Cross-site Scripting
Open Redirect
|
CVE-2019-7416
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213103
|
8.8 |
HIGH
Network
|
zyxel
|
dsl-491hnu-b10b_firmware
dsl-491hnu-b1b_v2_firmware
|
ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 devices allow login/login-page.cgi CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2019-7391
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213104
|
6.5 |
MEDIUM
Network
|
kaiostech
nokia
|
kaios
8810_4g_firmware
|
A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the …
|
NVD-CWE-noinfo
|
CVE-2019-7386
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213105
|
7.8 |
HIGH
Local
|
raisecom
|
iscom_ht803g-u_firmware
iscom_ht803g-w_firmware
iscom_ht803g-1ge_firmware
iscom_ht803g_gpon_firmware
|
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1…
|
CWE-78
OS Command
|
CVE-2019-7385
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213106
|
7.8 |
HIGH
Local
|
raisecom
|
iscom_ht803g-u_firmware
iscom_ht803g-w_firmware
iscom_ht803g-1ge_firmware
iscom_ht803g_gpon_firmware
|
An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1…
|
CWE-78
OS Command
|
CVE-2019-7384
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213107
|
7.8 |
HIGH
Local
|
systrome
|
cumilon_isg-600c_firmware
cumilon_isg-600h_firmware
cumilon_isg-800w_firmware
|
An issue was discovered on Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W devices with firmware V1.1-R2.1_TRUNK-20181105.bin. A shell command injection occurs by editing the description of an ISP …
|
CWE-78
OS Command
|
CVE-2019-7383
|
2024-11-21 13:48 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213108
|
6.1 |
MEDIUM
Network
|
phpmywind
|
phpmywind
|
An issue was discovered in PHPMyWind 5.5. The method parameter of the data/api/oauth/connect.php page has a reflected Cross-site Scripting (XSS) vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7661
|
2024-11-21 13:48 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213109
|
6.1 |
MEDIUM
Network
|
phpmywind
|
phpmywind
|
An issue was discovered in PHPMyWind 5.5. The username parameter of the /install/index.php page has a stored Cross-site Scripting (XSS) vulnerability, as demonstrated by admin/login.php.
|
CWE-79
Cross-site Scripting
|
CVE-2019-7660
|
2024-11-21 13:48 |
2019-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213110
|
9.1 |
CRITICAL
Network
|
broadcom
|
privileged_access_manager
|
An improper authentication vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status allows a remote attacker to gain sensitive information or alter configuration.
|
CWE-287
Improper Authentication
|
CVE-2019-7392
|
2024-11-21 13:48 |
2019-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
