123 matches found
Exploit for OS Command Injection in Zyxel Vmg8623-T50B_Firmware
CVE-2026-1459-POC POC for the CVE-2026-1459 which payload c...
CVE-2026-1459
creationtimestamp | type | source
---|---|---
2026-02-24 06:00:33+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3mflihj4u7u2h
2026-02-24 06:00:35+00:00 | seen | https://infosec.exchange/users/offseq/statuses/116124079294995359
2026-02-26 02:40:09+00:00 | seen | ...
CVE-2026-1459
A post-authentication command injection vulnerability in the TR-369 certificate download CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50(ABPM.9.7)C0 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device...
CVE-2025-1459
creationtimestamp | type | source
---|---|---
2025-03-01 07:26:59+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/6054
2025-03-01 10:35:42+00:00 | seen | https://t.me/cvedetector/19226
2025-03-02 11:46:31+00:00 | seen | Telegram/RqLNqylQ-LrXpTSrmMlSZTM2TTmsgC1b7DRwe3XJWNtQ1sq...
CVE-2025-1459 Page Builder by SiteOrigin <= 2.31.4 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Page Builder by SiteOrigin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Embedded VideoPB widget in all versions up to, and including, 2.31.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2022-1459
Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr prior to 6.1.0.1...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 8.0 security update
A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
RHEL 8 / 9 : Red Hat JBoss Enterprise Application Platform 8.0 (RHSA-2024:2764)
The remote Red Hat Enterprise Linux 8 / 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:2764 advisory. Red Hat JBoss Enterprise Application Platform 8 is a platform for Java applications based on the WildFly application runtime. This...
CVE-2024-1459
A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories. Mitigation Mitigation for thi...
app.valuationcontrol:webservice (>=0.5.0 <=0.5.1), ba.sake:sharaf_3 (>=0.0.7 <=0.3.0) +695 more potentially affected by CVE-2024-1459 via io.undertow:undertow-core (>=2.3.0.Alpha1 <=2.3.11.Final)
io.undertow:undertow-core MAVEN version =2.3.0.Alpha1, =0.5.0, =0.0.7, =22.11.0, =22.11.0, =0.0.1-jdk17-RELEASES, =0.0.1-jdk17-RELEASES, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.20 and more Source cves: CVE-2024-1459 Source advisory: OSV:GHSA-V76W-3PH8-VM66...
CVE-2024-1459
A path traversal vulnerability was found in Undertow. This issue may allow a remote attacker to append a specially-crafted sequence to an HTTP request for an application deployed to JBoss EAP, which may permit access to privileged or restricted files and directories...
CVE-2024-1459
The CVE-2024-1459 entry concerns Undertow in Red Hat JBoss EAP, where a path-traversal bug allows a remote attacker to append a crafted sequence to an HTTP request and access privileged or restricted files. Root cause: improper validation of HTTP request paths in Undertow, enabling directory trav...
CVE-2011-1459
creationtimestamp | type | source
---|---|---
2024-02-04 09:16:27+00:00 | seen | https://t.me/ctinow/178738...
CVE-2022-1459
creationtimestamp | type | source
---|---|---
2024-01-08 22:39:37+00:00 | published-proof-of-concept | https://t.me/arpsyndicate/2690...
CVE-2023-1459
creationtimestamp | type | source
---|---|---
2023-03-17 11:36:27+00:00 | seen | https://t.me/cibsecurity/60226...
CVE-2023-1459
A vulnerability was found in SourceCodester Canteen Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file changeUsername.php. The manipulation of the argument username leads to SQL injection. The attack may be launched remotely. The...
CVE-2023-1459
CVE-2023-1459 affects SourceCodester Canteen Management System 1.0, specifically the file changeUsername.php. The vulnerability stems from improper handling of the username parameter, enabling SQL injection. The issue is exploitable remotely and is documented as highly severe (initial metrics ind...
SUSE CVE-2012-1459
The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal aka Cat QuickHeal 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo...
SUSE: Security Advisory (SUSE-SU-2022:1459-1)
The remote host is missing an update for the...