|
223021
|
6.5 |
MEDIUM
Network
|
siemens
|
siport_mp
|
A vulnerability has been identified in SIPORT MP (All versions < 3.1.4). Vulnerable versions of the device allow the creation of special accounts ("service users") with administrative privileges that…
|
NVD-CWE-Other
|
CVE-2019-19277
|
2024-11-21 13:34 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223022
|
7.5 |
HIGH
Network
|
siemens
|
siprotec_4
siprotec_compact
|
A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of th…
|
CWE-20
Improper Input Validation
|
CVE-2019-19279
|
2024-11-21 13:34 |
2020-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223023
|
7.5 |
HIGH
Network
|
dlink
|
dsl-2680_firmware
|
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to enable or disable MAC address filtering by submitting a crafted Form…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-19226
|
2024-11-21 13:34 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223024
|
7.5 |
HIGH
Network
|
dlink
|
dsl-2680_firmware
|
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to change DNS servers without being authenticated on the admin interfac…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-19225
|
2024-11-21 13:34 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223025
|
7.5 |
HIGH
Network
|
dlink
|
dsl-2680_firmware
|
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to download the configuration (binary file) settings by submitting a ro…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2019-19224
|
2024-11-21 13:34 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223026
|
7.5 |
HIGH
Network
|
dlink
|
dsl-2680_firmware
|
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to reboot the router by submitting a reboot.html GET request without be…
|
CWE-79
CWE-444
Cross-site Scripting
HTTP Request Smuggling
|
CVE-2019-19223
|
2024-11-21 13:34 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223027
|
5.4 |
MEDIUM
Network
|
dlink
|
dsl-2680_firmware
|
A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page b…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19222
|
2024-11-21 13:34 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223028
|
6.1 |
MEDIUM
Network
|
mitel
|
micollab_audio\
_web_\&_video_conferencing
|
A cross-site scripting (XSS) vulnerability in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19371
|
2024-11-21 13:34 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223029
|
6.1 |
MEDIUM
Network
|
mitel
|
micollab
|
A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application before 9.0.15 for Android could allow an unauthenticated attacker to conduct a reflected…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19370
|
2024-11-21 13:34 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223030
|
6.1 |
MEDIUM
Network
|
heroplugins
|
hero_maps_premium
|
The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input.…
|
CWE-79
Cross-site Scripting
|
CVE-2019-19134
|
2024-11-21 13:34 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
