10 matches found
CVE-2019-17431
An issue was discovered in fastadmin 1.0.0.20190705beta. There is a public/index.php/admin/auth/admin/add CSRF vulnerability...
CVE-2020-17431
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-17431

creationtimestamp| type| source
---|---|---
2024-11-14 06:07:03+00:00| seen| MISP/0ffb58bb-1622-4d63-95e3-9bd2d81e65e1
2024-12-27 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2024-12-27
2025-01-26 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities -...

CVE-2020-17431
The CVE-2020-17431 entry describes a remote code execution in Foxit Studio Photo (confirmed affected: Foxit Studio Photo 3.6.6.922 and earlier per CNVD/NVD entries; ZDI cites a CR2 file parsing flaw). The root cause is improper validation during CR2 file parsing, causing a write past the end of a...
Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution
Exploit Title: Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution Date: 2018-08-15 Exploit Author: Milad Fadavvi Author's LinkedIn: https://www.linkedin.com/in/fadavvi/ Vendor Homepage: https://www.comodo.com/ Version: Releases before 2.7.0 & 1.5.0 Tested on:...
Comodo Unified Threat Management Web Console 2.7.0 Remote Code Execution
Exploit Title: Comodo Unified Threat Management Web Console 2.7.0 - Remote Code Execution Date: 2018-08-15 Exploit Author: Milad Fadavvi Author's LinkedIn: https://www.linkedin.com/in/fadavvi/ Vendor Homepage: https://www.comodo.com/ Version: Releases before 2.7.0 & 1.5.0 Tested on:...
CVE-2019-17431
The CVE-2019-17431 entry concerns fastadmin version 1.0.0.20190705_beta, noting a CSRF vulnerability in the public/index.php/admin/auth/admin/add endpoint. The connected documents reiterate the same description and do not provide technical details on root cause, affected module internals, patch v...
CVE-2018-17431
Affected software: Comodo UTM Firewall Web Console (all releases before 2.7.0, and related 1.5.0) per CVE-2018-17431. Vulnerability type & root cause: remote code execution via a crafted URL that allows an unauthenticated attacker to execute arbitrary code on the target. Descriptions across sourc...
CVE-2017-17431
GeniXCMS 1.1.5 has XSS via the from, id, lang, menuid, mod, q, status, term, to, or token parameter. NOTE: this might overlap CVE-2017-14761, CVE-2017-14762, or CVE-2017-14765...
CVE-2017-17431
GeniXCMS 1.1.5 is vulnerable to cross-site scripting (XSS) via multiple input parameters (from, id, lang, menuid, mod, q, status, term, to, or token). The CVE note indicates potential overlap with CVE-2017-14761/62/65. Connected advisories corroborate XSS in GeniXCMS 1.1.4/1.1.5 (e.g., via id par...