Vulnerabilities > Nedi

DATE CVE VULNERABILITY TITLE RISK
2021-02-12 CVE-2021-26753 Code Injection vulnerability in Nedi 1.9C
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter.
network
low complexity
nedi CWE-94
6.5
2021-02-12 CVE-2021-26752 OS Command Injection vulnerability in Nedi 1.9C
NeDi 1.9C allows an authenticated user to execute operating system commands in the Nodes Traffic function on the endpoint /Nodes-Traffic.php via the md or ag HTTP GET parameter.
network
low complexity
nedi CWE-78
6.5
2021-02-12 CVE-2021-26751 SQL Injection vulnerability in Nedi 1.9C
NeDi 1.9C allows an authenticated user to perform a SQL Injection in the Monitoring History function on the endpoint /Monitoring-History.php via the det HTTP GET parameter.
network
low complexity
nedi CWE-89
4.0
2020-11-02 CVE-2020-23989 Cross-Site Scripting vulnerability in Nedi 1.9C
NeDi 1.9C allows pwsec.php oid XSS.
network
nedi CWE-79
3.5
2020-11-02 CVE-2020-23868 Cross-Site Scripting vulnerability in Nedi 1.9C
NeDi 1.9C allows inc/rt-popup.php d XSS.
network
nedi CWE-79
3.5
2020-07-07 CVE-2020-15035 Cross-Site Scripting vulnerability in Nedi 1.9C
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack.
network
nedi CWE-79
3.5
2020-07-07 CVE-2020-15034 Cross-Site Scripting vulnerability in Nedi 1.9C
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack.
network
nedi CWE-79
3.5
2020-07-07 CVE-2020-15033 Cross-Site Scripting vulnerability in Nedi 1.9C
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack.
network
nedi CWE-79
3.5
2020-07-07 CVE-2020-15032 Cross-Site Scripting vulnerability in Nedi 1.9C
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack.
network
nedi CWE-79
3.5
2020-07-07 CVE-2020-15031 Cross-Site Scripting vulnerability in Nedi 1.9C
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack.
network
nedi CWE-79
3.5