CVE-2026-2041

Nagios Host zabbixagentconfigwizardfunc Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists within t...

CVE-2026-2041 Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability

Nagios Host zabbixagentconfigwizardfunc Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists within t...

CVE-2026-2041

creationtimestamp| type| source ---|---|--- 2026-02-12 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-073/ 2026-02-24 14:00:14+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfmdbbgi7c2x 2026-02-24 18:13:56+00:00| seen|...

Linux Distros Unpatched Vulnerability : CVE-2016-2041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparin...

RHSA-2024:2041

creationtimestamp| type| source ---|---|--- 2025-07-05 03:15:03+00:00| seen| Telegram/WfJc7uPRoLJrV4N04ab0I6vzm3GHF9Cjyp48UCO6YlWFjs 2025-07-05 03:15:05+00:00| seen| Telegram/RHkgF7skTMhGpb13BzAtFn3sG2C9DjYxigsVldo5V7Ki1OA 2025-07-05 03:15:05+00:00| seen|...

CVE-2025-2041

A vulnerability, which was classified as critical, has been found in s-a-zhd Ecommerce-Website-using-PHP 1.0. Affected by this issue is some unknown functionality of the file /shop.php. The manipulation of the argument pcat leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-2041

creationtimestamp| type| source ---|---|--- 2025-03-06 21:34:22+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6756 2025-03-06 23:52:52+00:00| seen| https://t.me/cvedetector/19752 2025-08-18 13:31:23+00:00| seen| MISP/4937e86f-f5bd-4d09-8bda-88a7440077f3 2025-08-19...

CVE-2025-2041

A vulnerability, which was classified as critical, has been found in s-a-zhd Ecommerce-Website-using-PHP 1.0. Affected by this issue is some unknown functionality of the file /shop.php. The manipulation of the argument pcat leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-2041 s-a-zhd Ecommerce-Website-using-PHP shop.php sql injection

A vulnerability, which was classified as critical, has been found in s-a-zhd Ecommerce-Website-using-PHP 1.0. Affected by this issue is some unknown functionality of the file /shop.php. The manipulation of the argument pcat leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-2041 s-a-zhd Ecommerce-Website-using-PHP shop.php sql injection

A vulnerability, which was classified as critical, has been found in s-a-zhd Ecommerce-Website-using-PHP 1.0. Affected by this issue is some unknown functionality of the file /shop.php. The manipulation of the argument pcat leads to sql injection. The attack may be launched remotely. The exploit...

CLSA-2024-1720547899 Update of alt-php

Resolve multiple test failures - debian/rules: re-build test certificates before dhautotest, remove silencing of failing tests - debian/control: build-depend on libnsspem to be able to read PEM certificates in build-nss - debian/patches/update-test-certs-generation.patch: update keysize and diges...

CVE-2024-2167

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-2041. Reason: This candidate is a reservation duplicate of CVE-2024-2041. Notes: All CVE users should reference CVE-2024-2041 instead of this candidate. All references and descriptions in this candidate have been remov...

Rocky Linux 8 : squid:4 (RLSA-2020:2041)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:2041 advisory. - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function...

Amazon Linux 2 : libksba (ALAS-2023-2041)

The version of libksba installed on the remote host is prior to 1.3.0-6. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2041 advisory. Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser. CVE-2022-47629 Tenable has extracte...

CVE-2023-2041

CVE-2023-2041 affects novel-plus 3.6.2. The vulnerability is a SQL injection in the endpoint /category/list?limit=10&offset=0&order=desc, triggered by manipulating the sort parameter. It can be exploited remotely and exploits have been publicly disclosed. Practical impact is high: potential unaut...

Debian: Security Advisory (DLA-481-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-406-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2016-2041

libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 does not use a constant-time algorithm for comparing CSRF tokens, which makes it easier for remote attackers to bypass intended access restrictions by measuring time differences...

CVE-2022-20241

CVE-2022-20241 affects Android 13 Messaging, where improper input validation allows attaching a private file to an SMS, enabling local information disclosure without extra privileges. Impact is Information Disclosure (C) with Local attack vector and no user interaction required per NVD metrics (C...

CVE-2022-2041

CVE-2022-2041 affects the WordPress Brizy Page Builder plugin prior to version 2.4.2. The issue arises from insufficient sanitization/escaping of certain element content, enabling stored XSS via content elements. Impact can be exploited by users with a role as low as Contributor. The documented r...