ZTE ZXHN H108L is provided by some large Greek ISPs to their
subscribers.
Vulnerability Details
=====================
CWMP configuration is accessible only through the Administrator account.
CWMP is a protocol widely used by ISPs worldwide for remote provisioning
and troubleshooting their subscribers’ equipment. However editing the
CWMP configuration (more specifically sending the POST request)…
=============================================
MGC ALERT 2014-005
– Original release date: March 5, 2014
– Last revised: November 18, 2014
– Discovered by: Manuel Garcia Cardenas
– Severity: 10/10 (CVSS Base Score)
=============================================
I. VULNERABILITY
————————-
Multiple Vulnerabilities in Zoph <= 0.9.1
II. BACKGROUND
————————-
Zoph (Zoph Organizes Photos) is a web based digital image…
=============================================
MGC ALERT 2014-004
– Original release date: March 11, 2014
– Last revised: November 18, 2014
– Discovered by: Manuel Garcia Cardenas
– Severity: 10/10 (CVSS Base Score)
=============================================
I. VULNERABILITY
————————-
Multiple Vulnerabilities in WebsiteBaker 2.8.3
II. BACKGROUND
————————-
WebsiteBaker helps you to create the website you want:…
=============================================
MGC ALERT 2014-003
– Original release date: March 6, 2014
– Last revised: November 18, 2014
– Discovered by: Manuel Garcia Cardenas
– Severity: 7,1/10 (CVSS Base Score)
=============================================
I. VULNERABILITY
————————-
Blind SQL Injection in XOOPS <= 2.5.6
II. BACKGROUND
————————-
XOOPS is an acronym of “eXtensible Object Oriented…
=============================================
MGC ALERT 2014-002
– Original release date: March 5, 2014
– Last revised: November 17, 2014
– Discovered by: Manuel Garcia Cardenas
– Severity: 4,8/10 (CVSS Base Score)
=============================================
I. VULNERABILITY
————————-
Reflected XSS in Nibbleblog <= v4.0.1
II. BACKGROUND
————————-
Nibbleblog is a powerful engine for creating blogs, all you…