CVE-2026-1685

A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high...

CVE-2026-1685

creationtimestamp| type| source ---|---|--- 2026-01-30 18:19:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdnw3pbkac2c...

CVE-2026-1685 D-Link DIR-823X Login sub_40AC74 excessive authentication

A vulnerability was identified in D-Link DIR-823X 250416. This vulnerability affects the function sub40AC74 of the component Login. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. This attack is characterized by high...

MiracleLinux 3 : firefox-17.0.7-1.0.1.AXS3, xulrunner-17.0.7-1.0.1.AXS3 (AXSA:2013-552:05)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-552:05 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

CVE-2022-1685

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...

RHEL 6 : openstack-glance (RHSA-2014:1685)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:1685 advisory. OpenStack Image service glance provides discovery, registration, and delivery services for disk and server images. It provides the ability to copy or...

CVE-2024-1685

CVE-2024-1685 affects the Social Media Share Buttons plugin for WordPress. It is vulnerable to PHP Object Injection in all versions up to 2.1.0 via deserialization of untrusted input through the attachmentUrl parameter. Authenticated attackers with subscriber-level access or higher can inject a P...

CVE-2023-1685

HadSky up to 7.11.8 contains a command injection vulnerability in the Installation Interface, specifically the /install/index.php file. The vulnerability allows remote exploitation and has been publicly disclosed. Affected software: HadSky versions up to 7.11.8. Root cause: unknown code in the In...

CVE-2023-1685 HadSky Installation Interface index.php command injection

A vulnerability was found in HadSky up to 7.11.8. It has been declared as critical. This vulnerability affects unknown code of the file /install/index.php of the component Installation Interface. The manipulation leads to command injection. The attack can be initiated remotely. The exploit has be...

Debian: Security Advisory (DSA-2220-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-1685

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...

CVE-2022-1685 Five Minute Webshop <= 1.3.2 - Admin+ SQLi via orderby

The Five Minute Webshop WordPress plugin through 1.3.2 does not properly validate and sanitise the orderby parameter before using it in a SQL statement via the Manage Products admin page, leading to an SQL Injection...

CVE-2022-1685

The CVE-2022-1685 entry concerns the Five Minute Webshop WordPress plugin (versions up to 1.3.2). The vulnerability is an SQL injection in the admin Manage Products page caused by improper validation/sanitisation of the orderby parameter before it is used in a SQL statement. Several connected sou...

SUSE SLES12 Security Update : openldap2 (SUSE-SU-2022:1685-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1685-1 advisory. - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd,...

SUSE: Security Advisory (SUSE-SU-2022:1685-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2016-0214)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2013:1153-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2013:1152-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:1685-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-1685

creationtimestamp| type| source ---|---|--- 2021-01-30 13:01:01+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/2600...