7 matches found
CVE-2020-16194
| creationtimestamp | type | source |
|---|---|---|
| 2021-02-04 18:34:15+00:00 | seen | https://t.me/cibsecurity/23070... |
CVE-2020-16194
CVE-2020-16194 concerns an Insecure Direct Object Reference (IDOR) in PrestaShop Opart devis versions before 4.0.2. Unauthenticated attackers can access any user’s invoice and delivery address by exploiting IDOR on the delivery_address and invoice_address fields. The vulnerability is documented a...
CVE-2019-16194
SQL injection vulnerabilities in Centreon through 19.04 allow attacks via the svc_id parameter in include/monitoring/status/Services/xml/makeXMLForOneService.php...
CVE-2019-16194
Centreon 19.04 and earlier are affected by a SQL injection in the svc_id parameter of include/monitoring/status/Services/xml/makeXMLForOneService.php. The vulnerability arises from insufficient input validation, enabling attackers to inject SQL commands via the svc_id parameter, with potential im...
CVE-2019-16194
SQL injection vulnerabilities in Centreon through 19.04 allow attacks via the svc_id parameter in include/monitoring/status/Services/xml/makeXMLForOneService.php...
CVE-2018-16194
CVE-2018-16194 affects NEC Aterm WF1200CR and Aterm WG1200CR routers. Affected firmware versions are WF1200CR 1.1.1 and earlier and WG1200CR 1.0.1 and earlier. The vulnerability is an OS command injection that can be exploited by an authenticated attacker to execute arbitrary operating system com...
CVE-2017-16194
Picard (a Node.js micro framework) is vulnerable to a directory traversal flaw: an attacker can access the filesystem by including ../ in the URL. The issue is documented across multiple sources (GHSA/NPM advisory, Veracode, CNVD, OSV, etc.), with no patch available in the advisories and recommen...