luiss/cve_repo

Releases0

Repository containing findings, CVEs and exploits for them.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-17523 ↗	Nov 13, 2019Wednesday, 13 November 2019, 15:15	5.4 MEDIUM	3.5 LOW
An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the FileName parameter to /FTPDiag.asp.
CVE-2019-17524 ↗	Nov 13, 2019Wednesday, 13 November 2019, 15:15	5.4 MEDIUM	3.5 LOW
An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows remote attackers to inject arbitrary web script via the "Connected Clients" field to /wlanAccess.asp. An intranet host can use a crafted hostname to exploit this.