Multiple buffer overflows in web.c in httpd on the ASUS RT-N56U and RT-AC66U routers with firmware 3.0.0.4.374_979 allow remote attackers to execute arbitrary code via the (1) apps_name or (2). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 35.0%.
Multiple SQL injection vulnerabilities in Command School Student Management System 1.06.01 allow remote attackers to execute arbitrary SQL commands via the id parameter in an edit action to (1). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
data/class/pages/shopping/LC_Page_Shopping_Deliv.php in LOCKON EC-CUBE 2.4.4 and earlier, and 2.11.0 through 2.12.2, allows remote attackers to modify data via unspecified vectors. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Command School Student Management System 1.06.01 does not properly restrict access to sw/backup/backup_ray2.php, which allows remote attackers to download a database backup via a direct request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Authorization bypass through user-controlled key issue exists in EC-CUBE 2.11.0 through 2.12.2 and EC-Orange systems deployed before June 29th, 2015. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The System Status Collection Daemon (SSCD) in Cisco TelePresence System 500-37, 1000, 1300-65, and 3xxx before 1.10.2(42), and 500-32, 1300-47, TX1310 65, and TX9xxx before 6.0.4(11), allows remote. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.
Cross-site scripting (XSS) vulnerability in e107_plugins/content/handlers/content_preset.php in e107 before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via the query string. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
The SIP module in Cisco TelePresence Video Communication Server (VCS) before 8.1 allows remote attackers to cause a denial of service (process failure) via a crafted SDP message, aka Bug ID. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
Cisco TelePresence ISDN Gateway with software before 2.2(1.92) allows remote attackers to cause a denial of service (D-channel call outage) via a crafted Q.931 STATUS message, aka Bug ID CSCui50360. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.
Cisco NX-OS allows local users to bypass intended TACACS+ command restrictions via a series of multiple commands, aka Bug ID CSCum47367. Rated medium severity (CVSS 6.8), this vulnerability is low attack complexity. No vendor patch available.
Open redirect vulnerability in Cisco MediaSense allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an unspecified parameter, aka Bug ID CSCum16749. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.
The Label Distribution Protocol (LDP) functionality in Cisco NX-OS allows remote attackers to cause a denial of service (temporary LDP session outage) via LDP discovery traffic containing malformed. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The Wireless Session Protocol (WSP) feature in the Gateway GPRS Support Node (GGSN) component on Cisco ASR 5000 series devices allows remote attackers to bypass intended Top-Up payment restrictions. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cross-site scripting (XSS) vulnerability in the Search and Play interface in Cisco MediaSense allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Cross-site scripting (XSS) vulnerability in FileNet P8 Platform Documentation Installable Info Center 4.5.1 through 5.2.0 in IBM FileNet Business Process Manager 4.5.1 through 5.1.0, FileNet Content. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
fpw.php in e107 through 1.0.4 does not check the user_ban field, which makes it easier for remote attackers to reset passwords by sending a pwsubmit request and leveraging access to the e-mail. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
The Sleipnir Mobile application 2.12.1 and earlier and Sleipnir Mobile Black Edition application 2.12.1 and earlier for Android provide Geolocation API data without verifying user consent, which. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.
Check Point Endpoint Security MI Server through R73 3.0.0 HFA2.5 does not configure X.509 certificate validation for client devices, which allows man-in-the-middle attackers to spoof SSL servers by. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable.
The Search and Play interface in Cisco MediaSense does not properly enforce authorization requirements, which allows remote authenticated users to download arbitrary recordings via a request to this. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.