Ramikan

22 exploits Active since Mar 2019
CVE-2019-10887 WRITEUP MEDIUM WRITEUP
Salicru SLC-20-cube3(5) - Reflected Cross-Site Scripting via DataLog.csv log Parameter
A reflected HTML injection vulnerability on Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82.130611 allows remote attackers to inject arbitrary HTML elements via a /DataLog.csv?log= or /AlarmLog.csv?log= or /waitlog.cgi?name= or /chart.shtml?data= or /createlog.cgi?name= request.
CVSS 6.1
CVE-2019-16645 WRITEUP HIGH WRITEUP
Embedthis GoAhead 2.5.0 - Info Disclosure
An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages (such as goform/login and config/log_off_page.htm) create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack.
CVSS 8.6
CVE-2019-17503 WRITEUP MEDIUM WRITEUP
Kirona DRS 5.5.3.5 - Info Disclosure
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name, column name, etc.
CVSS 5.3
CVE-2019-9591 WRITEUP MEDIUM WRITEUP
ShoreTel Connect ONSITE <19.49.1500.0 - XSS
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE before 19.49.1500.0 allows remote attackers to inject arbitrary web script or HTML via the brandUrl parameter.
CVSS 6.1
CVE-2019-9592 WRITEUP MEDIUM WRITEUP
ShoreTel Connect ONSITE <19.45.1602.0 - XSS
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE 19.45.1602.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
CVSS 6.1
CVE-2019-9593 WRITEUP MEDIUM WRITEUP
ShoreTel Connect ONSITE <18.82.2000.0 - XSS
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE 18.82.2000.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVSS 6.1
CVE-2020-25494 WRITEUP CRITICAL WRITEUP
Xinuos OpenServer 5-6 - OS Command Injection via printbook cgi-bin Parameters
Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook.
CVSS 9.8
CVE-2020-25495 WRITEUP MEDIUM WRITEUP
Xinuos OpenServer 5 and 6 - Reflected Cross-Site Scripting via Section Parameter
A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.
CVSS 6.1
CVE-2020-25901 WRITEUP MEDIUM WRITEUP
Spiceworks 7.5.7.0 - Open Redirect via Host Header Injection
Host Header Injection in Spiceworks 7.5.7.0 allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages.
CVSS 6.1
CVE-2019-17504 EXPLOITDB MEDIUM WORKING POC
Kirona Dynamic Resource Scheduling 5.5.3.5 - Reflected Cross-Site Scripting via Password Parameter
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter.
CVSS 6.1
CVE-2019-17504 WRITEUP MEDIUM WRITEUP
Kirona Dynamic Resource Scheduling 5.5.3.5 - Reflected Cross-Site Scripting via Password Parameter
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter.
CVSS 6.1
CVE-2019-9592 EXPLOITDB MEDIUM text WRITEUP
ShoreTel Connect ONSITE <19.45.1602.0 - XSS
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE 19.45.1602.0 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
CVSS 6.1
CVE-2019-9591 EXPLOITDB MEDIUM text WRITEUP
ShoreTel Connect ONSITE <19.49.1500.0 - XSS
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE before 19.49.1500.0 allows remote attackers to inject arbitrary web script or HTML via the brandUrl parameter.
CVSS 6.1
CVE-2020-25901 EXPLOITDB MEDIUM text WORKING POC
Spiceworks 7.5.7.0 - Open Redirect via Host Header Injection
Host Header Injection in Spiceworks 7.5.7.0 allowing the attacker to render arbitrary links that point to a malicious website with poisoned Host header webpages.
CVSS 6.1
CVE-2020-25495 EXPLOITDB MEDIUM text WORKING POC
Xinuos OpenServer 5 and 6 - Reflected Cross-Site Scripting via Section Parameter
A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.
CVSS 6.1
CVE-2020-25494 EXPLOITDB CRITICAL text WORKING POC
Xinuos OpenServer 5-6 - OS Command Injection via printbook cgi-bin Parameters
Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook.
CVSS 9.8
CVE-2019-9593 EXPLOITDB MEDIUM text WRITEUP
ShoreTel Connect ONSITE <18.82.2000.0 - XSS
A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Connect ONSITE 18.82.2000.0 allows remote attackers to inject arbitrary web script or HTML via the page parameter.
CVSS 6.1
CVE-2019-17503 EXPLOITDB MEDIUM text WORKING POC
Kirona DRS 5.5.3.5 - Info Disclosure
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name, column name, etc.
CVSS 5.3
CVE-2019-16645 EXPLOITDB HIGH text WORKING POC
Embedthis GoAhead 2.5.0 - Info Disclosure
An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages (such as goform/login and config/log_off_page.htm) create links containing a hostname obtained from an arbitrary HTTP Host header sent by an attacker. This could potentially be used in a phishing attack.
CVSS 8.6
CVE-2019-10887 EXPLOITDB MEDIUM text WRITEUP
Salicru SLC-20-cube3(5) - Reflected Cross-Site Scripting via DataLog.csv log Parameter
A reflected HTML injection vulnerability on Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82.130611 allows remote attackers to inject arbitrary HTML elements via a /DataLog.csv?log= or /AlarmLog.csv?log= or /waitlog.cgi?name= or /chart.shtml?data= or /createlog.cgi?name= request.
CVSS 6.1
CVE-2021-20031 EXPLOITDB MEDIUM text WORKING POC
SonicOS < 7.0.1-r1262 - Host Header Redirection
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains.
CVSS 6.1
CVE-2019-1943 EXPLOITDB MEDIUM text WRITEUP
Cisco Small Business 200, 300, and 500 Series Switches - Unauthenticated Open Redirect via HTTP Request Parameter
A vulnerability in the web interface of Cisco Small Business 200, 300, and 500 Series Switches software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of the parameters of an HTTP request. An attacker could exploit this vulnerability by intercepting a user's HTTP request and modifying it into a request that causes the web interface to redirect the user to a specific malicious URL. This type of vulnerability is known as an open redirect attack and is used in phishing attacks that get users to unknowingly visit malicious sites.
CVSS 4.7