Asus RT-N12E 2.0.0.39 is affected by an incorrect access control vulnerability. Through system.asp / start_apply.htm, an attacker can change the administrator password without any authentication. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Cross Site Scripting (XSS) vulnerability in BoxBilling 4.19, 4.19.1, 4.20, and 4.21 allows remote attackers to run arbitrary code via the message field on the submit new ticket form. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
** UNSUPPORTED WHEN ASSIGNED ** An issue in the UPnP protocol in 4thline cling 2.0.0 through 2.1.2 allows remote attackers to cause a denial of service via an unchecked CALLBACK parameter in the request header. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
The Java Remote Management Interface of all versions of SVI MS Management System was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
The Java Remote Management Interface of all versions of Orlansoft ERP was discovered to contain a vulnerability due to insecure deserialization of user-supplied content, which can allow attackers to execute arbitrary code via a crafted serialized Java object. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
A reflected cross site scripting (XSS) vulnerability in Xtend Voice Logger 1.0 allows attackers to execute arbitrary web scripts or HTML, via the path of the error page. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
A cross site scripting (XSS) vulnerability in the error page of Totolink N200RE and N100RE Routers 2.0 allows attackers to execute arbitrary web scripts or HTML via SCRIPT element. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6, allows remote attackers to escalate privileges and gain sensitive information sitemodel/add.html endpoint. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery (CSRF) attack to enable syslog mode through ‘ /mgm_log_cfg.asp.’ The system starts to log events, ‘Remote’ mode or ‘Both’ mode on “Syslog — Configuration page” logs events and sends to remote syslog…
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack to Reset ONU to Factory Default through ‘ /mgm_dev_reset.asp.’ Resetting to default leads to Escalation of Privileges by logging-in with default credentials. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri…
A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an attacker to upload arbitrary files through ” /mgm_dev_upgrade.asp ” which can “delete every file for Denial of Service (using ‘rm -rf *.*’ in the code), reverse connection (using ‘.asp’ webshell), backdoor. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını…
A vulnerability in Optilink OP-XT71000N Hardware version: V2.2 , Firmware Version: OP_V3.3.1-191028 allows an unauthenticated remote attacker to conduct a cross-site request forgery (CSRF) attack to change the Password for “WLAN SSID” through “wlwpa.asp”. Zafiyet ile ilgili Genel Bilgi, Etki ve Çözümleri için Devamını Oku Kaynak: National Vulnerability Database