|
226081
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-859_firmware
|
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is misha…
|
CWE-78
OS Command
|
CVE-2019-20216
|
2024-11-21 13:38 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226082
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-859_firmware
|
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled.…
|
CWE-78
OS Command
|
CVE-2019-20215
|
2024-11-21 13:38 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226083
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
|
An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in defining a scope in the "manage the API" page of the API Publi…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20439
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226084
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
|
An issue was discovered in WSO2 API Manager 2.6.0. A potential stored Cross-Site Scripting (XSS) vulnerability has been identified in the inline API documentation editor page of the API Publisher.
|
CWE-79
Cross-site Scripting
|
CVE-2019-20438
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226085
|
6.1 |
MEDIUM
Network
|
wso2
|
api_manager
identity_server
|
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. When a custom claim dialect with an XSS payload is configured in the identity provider…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20437
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226086
|
6.1 |
MEDIUM
Network
|
wso2
|
api_manager
identity_server
|
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. If there is a claim dialect configured with an XSS payload in the dialect URI, and a u…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20436
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226087
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
|
An issue was discovered in WSO2 API Manager 2.6.0. A reflected XSS attack could be performed in the inline API documentation editor page of the API Publisher by sending an HTTP GET request with a har…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20435
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226088
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
|
An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Datasource creation page of the Management Console.
|
CWE-79
Cross-site Scripting
|
CVE-2019-20434
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226089
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
identity_server
enterprise_integrator
|
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulner…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20443
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226090
|
4.8 |
MEDIUM
Network
|
wso2
|
api_manager
identity_server
enterprise_integrator
|
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulner…
|
CWE-79
Cross-site Scripting
|
CVE-2019-20442
|
2024-11-21 13:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
