8 matches found
CVE-2017-15644
SSRF exists in Webmin 1.850 via the PATHINFO to tunnel/link.cgi, as demonstrated by a GET request for tunnel/link.cgi/http://INTRANET-IP:8000...
CVE-2020-15644
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the...
CVE-2020-15644
Marvell QConvergeConsole 5.5.0.64 is affected by CVE-2020-15644. The flaw is in setAppFileBytes of the GWTTestServiceImpl class, where user-supplied paths are not properly validated before file operations, enabling a directory-traversal-style path to be exploited. This can allow remote attackers ...
CVE-2019-15644
The zoho-salesiq plugin before 1.0.9 for WordPress has stored XSS...
CVE-2019-15644
The provided connected records confirm a concrete vulnerability: the WordPress plugin Zoho SalesIQ before version 1.0.9 contains a stored XSS vulnerability. The CVE description, CNVD/Red Hat entries, and CVE lists (and WPVulnDB/CNVD variants) consistently state a WordPress plugin flaw that allows...
CVE-2017-15644
SSRF exists in Webmin 1.850 via the PATHINFO to tunnel/link.cgi, as demonstrated by a GET request for tunnel/link.cgi/http://INTRANET-IP:8000...
CVE-2018-15644
CVE-2018-15644 is rejected/not used per the Initial Description; this entry does not represent an active vulnerability.
CVE-2018-15644
...