16 matches found
CVE-2020-12739
A denial-of-service vulnerability in the Fanuc i Series CNC 0i-MD and 0i Mate-MD could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices...
CVE-2019-12739
lib/Controller/ExtractionController.php in the Extract add-on before 1.2.0 for Nextcloud allows Remote Code Execution via shell metacharacters in a RAR filename via ajax/extractRar.php nameOfFile and directory parameters...
CVE-2024-12739
The Mobile Contact Bar WordPress plugin before 3.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2024-12739
The Mobile Contact Bar WordPress plugin before 3.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2024-12739 Mobile Contact Bar < 3.0.5 - Admin+ Stored XSS
The Mobile Contact Bar WordPress plugin before 3.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2020-12739
A denial-of-service vulnerability in the Fanuc i Series CNC 0i-MD and 0i Mate-MD could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices...
CVE-2020-12739
The CVE-2020-12739 vulnerability affects FANUC i Series CNCs (0i-MD and 0i Mate-MD). It is a denial-of-service where an unauthenticated remote attacker can cause the affected CNC to become inaccessible to other devices. Documents from NVD/Red Hat/JVN indicate impact to multiple FANUC product line...
CVE-2019-5441
CVE-2019-5441 is a reservation duplicate of CVE-2019-12739 and should not be used.
CVE-2019-12739
The CVE-2019-12739 entry concerns the Nextcloud Extract add-on: lib/Controller/ExtractionController.php vulnerable before version 1.2.0. It allows Remote Code Execution via shell metacharacters in a RAR filename passed through ajax/extractRar.php (nameOfFile and directory parameters). Affected co...
CVE-2018-12739
In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266...
CVE-2018-12739
BEESCMS 4.0 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows an attacker to arbitrarily add administrator accounts. The issue is documented as CVE-2018-12739, linked to earlier CVE-2018-10266. Public references include exploit listings and demonstrations of the CSRF payload ...
BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin)(CVE-2018-12739)
BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin)
Exploit Title: A CSRF vulnerability exists in BEESCMSV4.0: The administrator can be added arbitrarily. Date: 2018-06-25 Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9226389.html Software Link: http://www.beescms.com/ Version: BEESCMS - V4.0 CVE : CVE-2018-12739 A CSRF...
BEESCMS 4.0 - Cross-Site Request Forgery (Add Admin) Vulnerability
Exploit for php platform in category web applications Exploit Title: A CSRF vulnerability exists in BEESCMSV4.0: The administrator can be added arbitrarily. Exploit Author: bay0net Vendor Homepage: https://www.cnblogs.com/v1vvwv/p/9226389.html Software Link: http://www.beescms.com/ Version: BEESC...
CVE-2017-12739
Siemens SICAM RTUs SM-2556 COM Modules with firmware ENOS00, ERAC00, ETA2, ETLS00, MODi00, DNPi00 expose a web server on port 80 that could allow unauthenticated remote attackers to execute arbitrary code (CVE-2017-12739). The issue is tied to code injection via the integrated web server; remedia...
Siemens SICAM RTUs SM-2556 COM Modules XSS / Bypass / Code Execution Vulnerabilities
Siemens SICAM RTUs SM-2556 COM modules firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00 suffer from authentication bypass, code execution, and cross-site scripting vulnerabilities. title: Authentication...