25 matches found
CVE-2016-20073 Answer My Question 1.3 Plugin WordPress SQL Injection via modal.php
Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' POST parameter. Attackers can submit crafted SQL statements to the modal.php endpoint to extract...
CVE-2026-20073
A vulnerability in Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to send traffic that should be denied through an affected device. This vulnerability is due to improper error...
CVE-2024-20073
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00367704; Issue ID: MSV-1411...
CVE-2024-20073
CVE-2024-20073 affects the wlan service due to an out-of-bounds write from improper input validation, potentially enabling local privilege escalation to SYSTEM; no user interaction required. Patch: WCNCR00367704 (MSV-1411). CVSSv3.1: 6.6 (AV:N, AC:H, PR:H, UI:N, S:U, C:H, I:H, A:H). Exploitation ...
CVE-2023-35745
D-Link DAP-2622 DDP Configuration Restore Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2023-35745 D-Link DAP-2622 DDP Configuration Restore Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability
D-Link DAP-2622 DDP Configuration Restore Filename Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this...
CVE-2019-20073
creationtimestamp| type| source
---|---|---
2024-03-18 09:41:43+00:00| seen| https://t.me/ctinow/210315...
CVE-2023-20073
creationtimestamp| type| source
---|---|---
2023-04-05 20:26:37+00:00| seen| https://t.me/cibsecurity/61484
2023-08-19 14:06:35+00:00| published-proof-of-concept| https://t.me/proxybar/1687
2023-08-20 02:49:35+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/4948
2023-08-20...
CVE-2023-20073
CVE-2023-20073 affects Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers. The vulnerability stems from insufficient authorization enforcement during file uploads in the web-based management interface, allowing an unauthenticated, remote attacker to upload arbitrary files by send...
SUSE CVE-2018-20073
Use of extended attributes in downloads in Google Chrome prior to 72.0.3626.81 allowed a local attacker to read download URLs via the filesystem...
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Arbitrary File Upload (cisco-sa-sb-rv-afu-EXxwA65V)
According to its self-reported version, Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers are affected by an arbitrary file upload vulnerability due to insufficient authorization enforcement mechanisms. An unauthenticated, remote attacker can exploit this to upload arbitrary...
CVE-2017-20073
creationtimestamp| type| source
---|---|---
2022-06-21 12:27:34+00:00| seen| https://t.me/cibsecurity/44857...
CVE-2017-20073
A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclose...
CVE-2017-20073 Hindu Matrimonial Script cms.php privileges management
A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclose...
CVE-2022-20073
creationtimestamp| type| source
---|---|---
2022-04-12 00:16:32+00:00| seen| https://t.me/cibsecurity/40517...
CVE-2022-20073
CVE-2022-20073 affects the preloader (usb) on MediaTek devices, where an integer underflow can trigger an out-of-bounds write. This can enable local escalation of privilege for an attacker with physical device access, with user interaction required for exploitation. The issue is documented with P...
CVE-2021-20073
creationtimestamp| type| source
---|---|---
2021-02-16 22:48:01+00:00| seen| https://t.me/cibsecurity/23671...
CVE-2021-20073
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries...
CVE-2021-20073
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries...
CVE-2021-20073
CVE-2021-20073 describes a cross-site request forgery in RACOM M!DGE firmware 4.4.40.105. The initial record and connected sources consistently reference CSRF for this firmware, but the provided documents give no concrete exploitation details or remediation. Publicly disclosed CVSS da...