关键字 的搜索结果 (15061)

CVE-2016-5791(发布:2017-10-12 23:29:00)NMP
CVSS10.0

[原文]An Improper Authentication issue was discovered in JanTek JTC-200, all versions. The improper authentication could provide an undocumented BusyBox Linux shell accessible over the TELNET service without any authentication.

CVE-2016-5789(发布:2017-10-12 23:29:00)NMP
CVSS6.0

[原文]A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. An attacker could perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request.

CVE-2013-6924(发布:2017-10-11 08:29:00)NMOP
CVSS10.0

[原文]Seagate BlackArmor NAS devices with firmware sg2000-2000.1331 allow remote attackers to execute arbitrary commands via shell metacharacters in the ip parameter to backupmgt/getAlias.php.

CVE-2014-8957(发布:2017-10-06 18:29:00)NMP
CVSS3.5

[原文]Cross-site scripting (XSS) vulnerability in OpenKM before 6.4.19 allows remote authenticated users to inject arbitrary web script or HTML via the Tasks parameter.

CVE-2017-9537(发布:2017-10-02 21:29:03)NMPS
CVSS3.5

[原文]Persistent cross-site scripting (XSS) in the Add Node function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to introduce arbitrary JavaScript into various vulnerable parameters.

CVE-2017-9538(发布:2017-10-02 21:29:03)NMPS
CVSS4.0

[原文]The 'Upload logo from external path' function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to cause a denial of service (permanent display of a "Cannot exit above the top directory" error message throughout the entire web application) via a ".." in the path field. In other words, the denial of service is caused by an incorrect implementation of a directory-traversal protection mechanism.

首页上一页23456789下一页尾页 第4页 / 共2511页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站