11 matches found
CVE-2025-15434
creationtimestamp| type| source ---|---|--- 2026-01-02 18:54:15+00:00| published-proof-of-concept| Telegram/WJ485nBCYIK6R8dYmxhXtph0yMaE5gMVGsvZcpH50RxCzWM 2026-01-02 21:56:08+00:00| seen| Telegram/Zv5tNHIYABHF73295PLurMceTZF9dstOvAEjjio6JFd40...
CVE-2025-15434 Yonyou KSOA PrintZPYG.jsp sql injection
A vulnerability was detected in Yonyou KSOA 9.0. Affected is an unknown function of the file /kp/PrintZPYG.jsp. The manipulation of the argument zpjhid results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used. The vendor was contacted early...
CVE-2020-15434
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxphppecl.php. When parsing the canal parameter, the process does n...
CVE-2019-15434
creationtimestamp| type| source ---|---|--- 2024-02-20 10:21:44+00:00| seen| https://t.me/ctinow/188281...
CVE-2020-15434
This vulnerability allows remote attackers to execute arbitrary code on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxphppecl.php. When parsing the canal parameter, the process does n...
CVE-2020-15434
CVE-2020-15434 affects CentOS Web Panel (cwp-e17.0.9.8.923). The vulnerable component is ajax_php_pecl.php where the canal parameter is not properly validated before using it to execute a system call, enabling remote code execution with root privileges. Exploitation is possible without authentica...
CVE-2019-15434
The CVE-2019-15434 entry concerns a Samsung A5 device running Android 8.0 where a pre-installed app, com.samsung.android.themecenter (versionCode 7000000, versionName 7.0.0.0), exports an app component that can be misused by any pre-installed app possessing signatureOrSystem permissions to perfor...
CVE-2019-15434
The Samsung A5 Android device with a build fingerprint of samsung/a5y17ltexx/a5y17lte:8.0.0/R16NW/A520FXXS8CSC5:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000000, versionName=7.0.0.0 that allows other pre-installed apps t...
CVE-2018-15434
The CVE-2018-15434 entry refers to Cisco Unified IP Phone 7900 Series with a vulnerability in the web-based management interface. Affected component: the web-based management interface; root cause: insufficient validation of user-supplied input leading to cross-site scripting (XSS). Impact stated...
CVE-2017-15434
CVE-2017-15434 entry is rejected or not used per initial description; does not represent an active vulnerability.
CVE-2017-15434
...