CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2018-17309 – RICOH MP C406Z Printer Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-17309
On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. En la impresora RICOH MP C406Z, se han descubierto vulnerabilidades de inyección HTML y Cross-Site Scripting (XSS) persistente en el área de adición de direcciones mediante el parámetro entryNameIn en /web/entry/en/address/adrsSetUserWizard.cgi. The RICOH MP C406Z printer suffers from cross site scripting and html injection vulnerabilities. • http://packetstormsecurity.com/files/149493/RICOH-MP-C406Z-Printer-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2018-17002 – RICOH MP 2001 Printer Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-17002
On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. En la impresora RICOH MP 2001, se han descubierto las vulnerabilidades de inyección HTML y Cross-Site Scripting (XSS) persistente en el área de agregación de direcciones mediante el parámetro entryNameIn para /web/entry/en/address/adrsSetUserWizard.cgi. The RICOH MP 2001 printer suffers from cross site scripting and html injection vulnerabilities. • http://packetstormsecurity.com/files/149443/RICOH-MP-2001-Printer-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2018-17001 – RICOH SP 4510SF Printer Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-17001
On the RICOH SP 4510SF printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. En la impresora RICOH SP 4510SF, se han descubierto las vulnerabilidades de inyección HTML y Cross-Site Scripting (XSS) persistente en el área de agregación de direcciones mediante el parámetro entryNameIn para /web/entry/en/address/adrsSetUserWizard.cgi. The RICOH SP 4510SF printer suffers from cross site scripting and html injection vulnerabilities. • http://packetstormsecurity.com/files/149441/RICOH-SP-4510SF-Printer-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2018-15884 – RICOH MP C4504ex Printer - Cross-Site Request Forgery (Add Admin)
https://notcve.org/view.php?id=CVE-2018-15884
RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. Los dispositivos RICOH MP C4504ex permiten la inyección HTML mediante el parámetro entryNameIn en /web/entry/en/address/adrsSetUserWizard.cgi. The RICOH MP C4504ex printer suffers from a cross site request forgery vulnerability. • https://www.exploit-db.com/exploits/45264 http://packetstormsecurity.com/files/149082/RICOH-MP-C4504ex-Cross-Site-Request-Forgery.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 2CVE-2015-6750 – Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) 1.1.0.6 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-6750
Buffer overflow in Ricoh DL FTP Server 1.1.0.6 and earlier allows remote attackers to execute arbitrary code via a long USER command. Desbordamiento de buffer en Ricoh DL FTP Server 1.1.0.6 y versiones anteriores, permite a atacantes remotos ejecutar código arbitrario a través de un comando USER largo. • https://www.exploit-db.com/exploits/18643 http://packetstormsecurity.com/files/133248/Ricoh-FTP-Server-1.1.0.6-Buffer-Overflow.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •