CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0CVE-2023-44856
https://notcve.org/view.php?id=CVE-2023-44856
Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the rstat, sender, and recipients' parameters of the sub_21D24 function in the acu_web file. • https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-Statistics-report-e97364c9d09449cf8869417e7187e997 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-44854
https://notcve.org/view.php?id=CVE-2023-44854
Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the c_set_rslog_decode function in the acu_web file. • https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-Remote-syslog-131b8031c9f74600aa3279c7d733d624 •
CVSS: -EPSS: 0%CPEs: -EXPL: 0CVE-2023-44852
https://notcve.org/view.php?id=CVE-2023-44852
Cross Site Scripting (XSS) vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the c_set_traps_decode function in the acu_web file. • https://pine-amphibian-9b9.notion.site/ENG-SAILOR-Ku-Software-XSS-SNMP-traps-82fcaaf379ba4a4cbc16143c6da6c258 •
CVSS: 4.8EPSS: 0%CPEs: -EXPL: 0CVE-2023-44853
https://notcve.org/view.php?id=CVE-2023-44853
\An issue was discovered in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the sub_219C4 function in the acu_web file. • https://pine-amphibian-9b9.notion.site/SAILOR-Ku-Software-RCE-and-Privilege-Escalation-Diagnostics-report-0f3923d0ed434705b7ed4a6174218c2b? • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2024-31818
https://notcve.org/view.php?id=CVE-2024-31818
Directory Traversal vulnerability in DerbyNet v.9.0 allows a remote attacker to execute arbitrary code via the page parameter of the kiosk.php component. • https://chocapikk.com/posts/2024/derbynet-vulnerabilities https://github.com/jeffpiazza/derbynet/blob/1ae0bb55c3990dec8fd9b9f4a82400be9a75de92/website/kiosk.php • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •