24 matches found
CVE-2020-12497
PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...
CVE-2019-12497
An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents e.g., Name and mail address can be disclosed in external notes...
CVE-2025-12497
The Premium Portfolio Features for Phlox theme plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.3.10 via the 'args[extra_template_path]' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files on the...
CVE-2025-12497
| creationtimestamp | type | source |
|---|---|---|
| 2025-11-05 12:25:48+00:00 | seen | https://gist.github.com/Darkcrai86/a2b197f2feabbec91214ffae805d521f |
| 2025-11-05 13:32:57+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m4v5ybke6r2x |
| 2025-11-05 15:24:14+00:00 | seen | ... |
WordPress Phlox Portfolio plugin <= 2.3.10 - Unauthenticated Local File Inclusion via args[extra_template_path] vulnerability
Unauthenticated Local File Inclusion via args[extra_template_path] vulnerability discovered by LionTree in WordPress Plugin Phlox Portfolio versions <= 2.3.10...
Linux Distros Unpatched Vulnerability : CVE-2019-12497
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through...
CVE-2024-12497
A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0. Affected is an unknown function of the file /admin/check_admin_login.php. The manipulation of the argument adminusername leads to sql injection. It is possible to launch the attack...
CVE-2024-12497
A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0. Affected is an unknown function of the file /admin/check_admin_login.php. The manipulation of the argument adminusername leads to sql injection. It is possible to launch the attack...
CVE-2024-12497
A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0. Affected is an unknown function of the file /admin/check_admin_login.php. The manipulation of the argument adminusername leads to sql injection. It is possible to launch the attack...
CVE-2024-12497 1000 Projects Attendance Tracking Management System check_admin_login.php sql injection
A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0. Affected is an unknown function of the file /admin/check_admin_login.php. The manipulation of the argument adminusername leads to sql injection. It is possible to launch the attack...
CVE-2024-12497 1000 Projects Attendance Tracking Management System check_admin_login.php sql injection
A vulnerability classified as critical has been found in 1000 Projects Attendance Tracking Management System 1.0. Affected is an unknown function of the file /admin/check_admin_login.php. The manipulation of the argument adminusername leads to sql injection. It is possible to launch the attack...
Debian dla-3551 : otrs - security update
"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3551 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3551-1 [email protected]...
[SECURITY] [DLA 3551-1] otrs2 security update
Debian LTS Advisory DLA-3551-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin August 31, 2023 https://wiki.debian.org/LTS Package : otrs2 Version : 6.0.16-2+deb10u1 CVE ID : CVE-2019-11358 CVE-2019-12248 CVE-2019-12497 CVE-2019-12746 CVE-2019-13458 CVE-2019-16375...
Debian: Security Advisory (DLA-3551-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2020-12497
PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...
CVE-2020-12497
PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...
CVE-2020-12497
CVE-2020-12497 affects Phoenix Contact PC Worx and PC Worx Express up to version 1.87. The issue is a stack-based overflow in PLCopen XML file parsing caused by insufficient input validation, which could allow remote code execution when manipulated PC Worx projects are processed. Public sources c...
CVE-2020-12497 Phoenix Contact Automation Worx <= 1.87: stack-based overflow
PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation...
CVE-2019-12497
An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, Community Edition 6.0.x through 6.0.19, and Community Edition 5.0.x through 5.0.36. In the customer or external frontend, personal information of agents e.g., Name and mail address can be disclosed in external notes...
CVE-2019-12497
CVE-2019-12497 affects Open Ticket Request System (OTRS) 7.0.x up to 7.0.8, Community Edition 6.0.x up to 6.0.19, and Community Edition 5.0.x up to 5.0.36. Description: in the customer/external frontend, personal information of agents (e.g., name and email address) could be disclosed in external ...