CVE-2025-10828
A security vulnerability has been detected in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file /admin/edit.php. Such manipulation of the argument ID leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed publicly an...
CVE-2020-10828
A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request...
CVE-2020-10828
creationtimestamp | type | source
---|---|---
2025-05-05 17:20:16+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/14930...
CVE-2024-10828
The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the "Try to convert serialized values" option is enabled. This makes it possible for...
CVE-2024-10828
creationtimestamp | type | source
---|---|---
2024-11-13 05:47:58+00:00 | seen | https://t.me/cvedetector/10792...
CVE-2024-10828 Advanced Order Export For WooCommerce <= 3.5.5 - Unauthenticated PHP Object Injection via Order Details
The Advanced Order Export For WooCommerce plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.5.5 via deserialization of untrusted input during Order export when the "Try to convert serialized values" option is enabled. This makes it possible for...
WordPress Advanced Order Export For WooCommerce Plugin <= 3.5.5 is vulnerable to PHP Object Injection
Software: Advanced Order Export For WooCommerce; Type: Plugin; Vulnerable versions: <= 3.5.5; Fixed in: 3.5.6; OWASP Top 10: A1: Injection; Classification: PHP Object Injection; CVE: CVE-2024-10828; Patch priority: High; CVSS severity: High 9.8; PSID: 52652ce9166f; Credits: Webbernaut; Require...
VulnCheck KEV: CVE-2020-10828
A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request...
HTTP Headers Remote Code Execution (CVE-2020-10826; CVE-2020-10827; CVE-2020-10828; CVE-2020-13756; CVE-2021-1472; CVE-2021-1473)
HTTP headers let the client and the server pass additional information with an HTTP request. A remote attacker may use a vulnerable HTTP Header to run arbitrary code on the victim machine...
CVE-2020-10828
CVE-2020-10828 is a stack-based buffer overflow in the cvmd process on DrayTek Vigor3900, Vigor2960, and Vigor300B devices. Versions prior to 1.5.1 are affected and allow remote code execution via a crafted remote HTTP request. This is confirmed by multiple sources in connected documents (vendor ...
CVE-2020-10828
A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request. Recent assessments: Assessed Attacker Value: 0...
CVE-2016-10828
CVE-2016-10828 affects cPanel prior to 55.9999.141. The issue is an unsafe @INC path that enables arbitrary code execution (root cause: unsafe library path resolution). Impact is high: attacker could execute code with low privileges over the network. References across sources confirm the same des...
Alps Touchpad Driver Vulnerabilities - Lenovo Support US
No description provided...
Alps Touchpad Driver Vulnerabilities - US
Lenovo Security Advisory: LEN-25654; Potential Impact: Denial of service, information disclosure; Severity: Medium; Scope of Impact: Industry-wide; CVE Identifier: CVE-2018-10828; Summary Description: Alps has reported to Lenovo vulnerabilities in the Alps Touchpad driver that could allow denial of servi...
CVE-2018-10828
An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when...
CVE-2018-10828
CVE-2018-10828 pertains to Alps Pointing-device Driver 10.1.101.207. Attacks exploit ApMsgFwd.exe, which allows the current user to map and write to the ApMsgFwd File Mapping Object and uses that data as arguments to functions, causing a denial-of-service when invalid pointers are written to the m...
CVE-2017-10828
Untrusted search path vulnerability in Flets Install Tool all versions distributed through the website till 2017 August 8 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2017-10828
The CVE-2017-10828 issue affects Flets Install Tool installers distributed by NTT West. The root cause is an insecure DLL search path (untrusted search path) that can allow loading a Trojan/DLL, enabling arbitrary code execution with the caller’s privileges when running the installer. Affected ve...