Showing 1 - 1 of 1

CVE-2018-10692

Status Candidate

Overview

An issue was discovered on Moxa AWK-3121 1.14 devices. The session cookie "Password508" does not have an HttpOnly flag. This allows an attacker who is able to execute a cross-site scripting attack to steal the cookie very easily.

Related Files

Moxa AWK-3121 1.14 Information Disclosure / Command Execution: Posted Jun 7, 2019; Authored by Samuel Huntley; Moxa AWK-3121 version 1.14 devices suffer from authentication bypass, code execution, cross site scripting, and information leakage vulnerabilities.; tags | advisory, vulnerability, code execution, xss, bypass; advisories | CVE-2018-10690, CVE-2018-10691, CVE-2018-10692, CVE-2018-10693, CVE-2018-10694, CVE-2018-10695, CVE-2018-10696, CVE-2018-10697, CVE-2018-10698, CVE-2018-10699, CVE-2018-10700, CVE-2018-10701, CVE-2018-10702, CVE-2018-10703; SHA-256 | 138332a80edebbd2e6c16300ef7d9715536cc1c8845977bb687fcc2fccfa023d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 318 files
Ubuntu 67 files
Debian 25 files
LiquidWorm 11 files
Valentin Lobstein 10 files
nu11secur1ty 8 files
Milad Karimi 6 files
Google Security Research 5 files
liquidsky 3 files
Erdemstar 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,025)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,485)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,706)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,480)
UNIX (9,394)
UnixWare (187)
Windows (6,653)
Other

CVE-2018-10692

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems