Search Results | AttackerKB

Show filters

Topics 133 Users 9,713

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

133 Total Results

Displaying 81-90 of 133

Attacker Value

Unknown

CVE-2008-2825

Disclosure Date: June 23, 2008 (last updated October 04, 2023)

Cross-site scripting (XSS) vulnerability in the embedded Web Server in Xerox WorkCentre M123, M128, and 133 and WorkCentre Pro 123, 128, and 133 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

0

Attacker Value

Unknown

CVE-2008-2824

Disclosure Date: June 23, 2008 (last updated October 04, 2023)

Unspecified vulnerability in the Extensible Interface Platform in Web Services in Xerox WorkCentre 7655, 7665, and 7675 allows remote attackers to make configuration changes via unknown vectors.

0

Attacker Value

Unknown

CVE-2008-2743

Disclosure Date: June 17, 2008 (last updated October 04, 2023)

Cross-site scripting (XSS) vulnerability in the embedded web server in Xerox 4110, 4590, and 4595 Copier/Printers allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

0

Attacker Value

Unknown

CVE-2007-1125

Disclosure Date: February 27, 2007 (last updated October 04, 2023)

Cross-site scripting (XSS) vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to inject arbitrary web script or HTML via the f parameter.

0

Attacker Value

Unknown

CVE-2007-1124

Disclosure Date: February 27, 2007 (last updated October 04, 2023)

Directory traversal vulnerability in gallery.php in XeroXer Simple one-file gallery allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.

0

Attacker Value

Unknown

CVE-2006-6471

Disclosure Date: December 11, 2006 (last updated October 04, 2023)

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 use weak permissions for certain files, which allows unspecified file access.

0

Attacker Value

Unknown

CVE-2006-6470

Disclosure Date: December 11, 2006 (last updated October 04, 2023)

The SNMP Agent in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 returns no error for a non-writable object, which has unknown impact and attack vectors. NOTE: due to the vagueness of the advisory, it is not clear whether this is a vulnerability, or a bug in a security feature.

0

Attacker Value

Unknown

CVE-2006-6469

Disclosure Date: December 11, 2006 (last updated October 04, 2023)

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not block the postgres port (5432/tcp), which has unknown impact and remote attack vectors, probably related to unauthorized connections to a PostgreSQL daemon.

0

Attacker Value

Unknown

CVE-2006-6473

Disclosure Date: December 11, 2006 (last updated October 04, 2023)

Multiple unspecified vulnerabilities in Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 have unknown impact and attack vectors, related to (1) an Immediate Image Overwrite (IIO) error message at the Local User Interface (LUI) if overwrite fails, (2) an IIO failure when a Held Job is deleted, and (3) an On Demand Image Overwrite failure when the overwrite is greater than 2 Gb.

0

Attacker Value

Unknown

CVE-2006-6468

Disclosure Date: December 11, 2006 (last updated October 04, 2023)

Xerox WorkCentre and WorkCentre Pro before 12.050.03.000, 13.x before 13.050.03.000, and 14.x before 14.050.03.000 do not check the Fully Qualified Domain Name (FQDN) during a "Validate Repository SSL Certificate" scan, which has unknown impact and attack vectors, possibly related to spoofed certificates.

0