| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update. |
| In OpenResty through 1.13.6.1, URI parameters are obtained using the ngx.req.get_uri_args and ngx.req.get_post_args functions that ignore parameters beyond the hundredth one, which might allow remote attackers to bypass intended access restrictions or interfere with certain Web Application Firewall (ngx_lua_waf or X-WAF) products. NOTE: the vendor has reported that 100 parameters is an intentional default setting, but is adjustable within the API. The vendor's position is that a security-relevant misuse of the API by a WAF product is a vulnerability in the WAF product, not a vulnerability in OpenResty |
| Unauthenticated arbitrary file upload vulnerability in FineUploader php-traditional-server <= v1.2.2 |
| Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta |
| Arbitrary file upload in jQuery Upload File <= 4.0.2 |
| Vulnerability in avatar_uploader v7.x-1.0-beta8 , The code in view.php doesn't verify users or sanitize the file path. |
| Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below. |
| A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under VIP SSL feature when CPx being used. |
| A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0 and 6.0.1 are vulnerable by such attack under SSL Deep Inspection feature when CPx being used. |
| A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attackers to execute unauthorized code or commands via the named pipe responsible for Forticlient updates. |
| A null pointer dereference vulnerability in Fortinet FortiClientWindows 6.0.2 and earlier allows attacker to cause a denial of service via the NDIS miniport driver. |
| A cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator in versions 4.0.0 to before 5.3.0 "CSRF validation failure" page allows attacker to execute unauthorized script code via inject malicious scripts in HTTP referer header. |
| An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature. |
| The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS. |
| Twonky Server before 8.5.1 has XSS via a modified "language" parameter in the Language section. |
| Twonky Server before 8.5.1 has XSS via a folder name on the Shared Folders screen. |
| DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via the egroup parameter to uploads/dede/stepselect_main.php because code within the database is accessible to uploads/dede/sys_cache_up.php. |
| sys_verifies.php in DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via the refiles array parameter, because the contents of modifytmp.inc are under an attacker's control. |
| Cross-site scripting (XSS) vulnerability in admin/template/js/uploadify/uploadify.swf in GetSimple CMS 3.3.13 allows remote attackers to inject arbitrary web script or HTML, as demonstrated by the movieName parameter. |
| The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes. |
