NeDi 漏洞列表
共找到 4 个与 NeDi 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2020-14413: NeDi 1.9C - Cross-Site Scripting POC
NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize() in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily bypassed, as demonstrated by an onerror attribute of an IMG element as a Devices-Config.php?sta= value. -
CVE-2020-14413: NeDi 1.9C - Cross-Site Scripting POC
NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize() in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily bypassed, as demonstrated by an onerror attribute of an IMG element as a Devices-Config.php?sta= value. -
Delta Electronics CNCSoft ScreenEditor 文件预览堆栈缓冲区溢出漏洞 无POC
Delta Electronics CNCSoft ScreenEditor 模块存在堆栈缓冲区溢出漏洞. 该漏洞是由于在将用户提供的数据复制到固定长度的堆栈缓冲区之前,未对其长度进行正确验证导致的。 -
Delta Industrial Automation CNCSoft ScreenEditor堆栈缓冲区溢出漏洞 无POC
Delta Industrial Automation CNCSoft ScreenEditor module中存在一个堆栈缓冲区溢出漏洞。该漏洞是由于没有对用户提供的数据长度进行适当验证导致的。