This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Product: FruityWifi | |
CVE: CVE-2020-24849 | |
Version: (, 2.4) - Tested on version 2.4 | |
Vulnerability: Remote Code Execution | |
Vulnerability Description: A remote code execution vulnerability is identified in FruityWifi through 2.4.Due to improperly escaped shell metacharacters obtained from the POST request at the page_config_adv.php page, it is possible to perform remote code execution by an authenticated attacker. This is similar to CVE-2018-17317. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Product: NeDi - Find IT | |
CVE: Use CVE-2020-23868 | |
Version: 1.9C | |
Vulnerability: Reflected Cross-Site Scripting | |
Vulnerability Description: NeDi 1.9C allows Cross-Site Scripting via "d" parameter at "inc/rt-popup.ph" page. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Product: NeDi - Find IT | |
CVE: CVE-2020-23989 | |
Version: 1.9C | |
Vulnerability: Reflected Cross-Site Scripting | |
Vulnerability Description: NeDi 1.9C allows Cross-Site Scripting via "oid" parameter at "pwsec.php" page. |