72 matches found
CVE-2026-0944
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Group invite allows Forceful Browsing. This issue affects Group invite: from 0.0.0 before 2.3.9, from 3.0.0 before 3.0.4, from 4.0.0 before 4.0.4...
CVE-2026-0944 Group invite - Moderately critical - Access bypass - SA-CONTRIB-2026-001
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Group invite allows Forceful Browsing. This issue affects Group invite: from 0.0.0 before 2.3.9, from 3.0.0 before 3.0.4, from 4.0.0 before 4.0.4...
CVE-2023-0944
Bhima version 1.27.0 allows an authenticated attacker with regular user permissions to update arbitrary user session data such as username, email and password. This is possible because the application is vulnerable to IDOR; it does not correctly validate user permissions with respect to certain...
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. "UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance, and rapidly deployed a...
CVE-2022-0944
Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1...
CVE-2025-0944
A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file customerview.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-0944 itsourcecode Tailoring Management System customerview.php sql injection
A vulnerability was found in itsourcecode Tailoring Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file customerview.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been...
Exploit for Code Injection in Sqlpad
SQLPad 6.10.0 Exploit CVE-2022-0944 This Bash script exploi...
Exploit for Code Injection in Sqlpad
How It Works: This PHP code is designed to exploit a Remot...
Exploit for Code Injection in Sqlpad
CVE-2022-0944: Privilege Escalation Vulnerability in OverlayFS...
Exploit for Code Injection in Sqlpad
SQLPad RCE Exploit This repository contains an exploit script...
Exploit for Code Injection in Sqlpad
CVE-2022-0944 SQLPad - Template injection This is a blind vul...
Exploit for Code Injection in Sqlpad
CVE-2022-0944 A proof of concept exploit for SQLPad RCE CVE...
RHSA-2024:0944
| creationtimestamp | type | source |
|---|---|---|
| 2024-02-28 02:16:40+00:00 | seen | https://t.me/ctinow/195034... |
RHEL 8 / 9 : OpenShift Container Platform 4.14.14 (RHSA-2024:0944)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0944 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...
RHCOS 4 : OpenShift Container Platform 4.14.14 (RHSA-2024:0944)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0944 advisory. - golang.org/x/net/html: Cross site scripting CVE-2023-3978 Note that Nessus has not tested for this issue but has instead relied only on the...
CVE-2024-0944
| creationtimestamp | type | source |
|---|---|---|
| 2024-01-26 21:21:38+00:00 | seen | https://t.me/ctinow/174488 |
| 2024-02-19 19:26:53+00:00 | seen | https://t.me/ctinow/187881... |
CVE-2024-0944
CVE-2024-0944 affects Totolink T8 (firmware 4.1.5cu.833_20220905). The vulnerability involves certain unknown functions in the file /cgi-bin/cstecgi.cgi, leading to session expiration and potentially enabling remote exploitation. Public disclosures and reports describe a session-expiration flaw w...
CVE-2023-0944
| creationtimestamp | type | source |
|---|---|---|
| 2023-04-06 00:26:43+00:00 | seen | https://t.me/cibsecurity/61514 |
| 2025-02-14 10:09:22+00:00 | seen | Telegram/nlkqkBLwRbGhOW97RbK4xP-pvnoUE6zKsiWANVMMFYGGsvtg... |
CVE-2023-0944
Bhima version 1.27.0 allows an authenticated attacker with regular user permissions to update arbitrary user session data such as username, email and password. This is possible because the application is vulnerable to IDOR; it does not correctly validate user permissions with respect to certain...