firefox vulnerabilities and exploits

7.2
CVSSv2
CVE-2019-7384

An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below. The value of the fmgpon_loid parameter is used in a system...

RaisecomIscom Ht803g-u Firmware
6.1
CVSSv2
CVE-2019-7439

cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter....

JioJiofi 4g M2s Firmware
4.3
CVSSv2
CVE-2019-7438

cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter....

JioJiofi 4g M2s Firmware
4.3
CVSSv2
CVE-2019-7440

JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi)....

JioJiofi 4g M2s Firmware
7.5
CVSSv2
CVE-2018-20526

Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php....

RoxyfilemanRoxy Fileman
5
CVSSv2
CVE-2018-20525

Roxy Fileman 1.4.5 allows Directory Traversal in copydir.php, copyfile.php, and fileslist.php....

RoxyfilemanRoxy Fileman
4.3
CVSSv2
CVE-2018-18762

SaltOS 3.1 r8126 contains a database download vulnerability....

Saltos
7.5
CVSSv2
CVE-2018-18798

Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php?view=view, event/index.php?view=view, and user/index.php?view=view....

6.4
CVSSv2
CVE-2018-15818

An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php....