75 matches found
CVE-2026-2066
creationtimestamp| type| source ---|---|--- 2026-02-06 21:18:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me7tdr6hcb2x 2026-02-06 21:18:45+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3me7tesdcz52v...
CVE-2026-2066
CVE-2026-2066 affects UTT 进取 520W, version 1.7.7-180627. The flaw is a buffer overflow in strcpy in /goform/formIpGroupConfig when groupName is manipulated, remotely exploitable. Public exploit exists; vendor did not respond to disclosure. Several sources (NVD/Red Hat/CVE records) indicate high i...
EUVD-2026-2066
Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue requires user interaction in that a victim...
CVE-2023-2066
The Announcement & Notification Banner – Bulletin plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'bulletinwpupdatebulletinstatus', 'bulletinwpupdatebulletin', 'bulletinwpupdatesettings', 'bulletinwpupdatestatus',...
CVE-2007-2066
UseBB before 1.0.6 allows remote attackers to obtain sensitive information via a request with unspecified GET or POST parameters to an unspecified script, which reveals the path in an error message...
CVE-2025-2066
A vulnerability has been found in projectworlds Life Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /updateAgent.php. The manipulation of the argument agentid leads to sql injection. The attack can be initiated remotely. The exploit...
CVE-2025-2066
A vulnerability has been found in projectworlds Life Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /updateAgent.php. The manipulation of the argument agentid leads to sql injection. The attack can be initiated remotely. The exploit...
CVE-2025-2066 projectworlds Life Insurance Management System updateAgent.php sql injection
A vulnerability has been found in projectworlds Life Insurance Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /updateAgent.php. The manipulation of the argument agentid leads to sql injection. The attack can be initiated remotely. The exploit...
Linux Distros Unpatched Vulnerability : CVE-2013-2066
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in X.org libXv 1.0.7 and earlier allows X servers to cause a denial of service crash and possibly execute arbitrary code via crafted length or...
CVE-2025-20638
In DA, there is a possible read of uninitialized heap data due to uninitialized data. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...
CVE-2022-2066
Cross-site Scripting XSS - Reflected in GitHub repository neorazorx/facturascripts prior to 2022.06...
openSUSE Security Advisory (SUSE-SU-2024:2066-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-2066
A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-computer.php. The manipulation of the argument model leads to cross site scripting. It is possible to initiate the attack...
CVE-2024-2066
CVE-2024-2066 affects SourceCodester Computer Inventory System 1.0, with a Cross-Site Scripting (XSS) flaw in /endpoint/add-computer.php triggered via the model argument. The root cause is input manipulation that leads to XSS, allowing remote initiation. Several connected sources confirm the vuln...
CVE-2024-2066 SourceCodester Computer Inventory System add-computer.php cross site scripting
A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-computer.php. The manipulation of the argument model leads to cross site scripting. It is possible to initiate the attack...
CVE-2024-2066 SourceCodester Computer Inventory System add-computer.php cross site scripting
A vulnerability was found in SourceCodester Computer Inventory System 1.0. It has been classified as problematic. This affects an unknown part of the file /endpoint/add-computer.php. The manipulation of the argument model leads to cross site scripting. It is possible to initiate the attack...
CVE-2024-2066
creationtimestamp| type| source ---|---|--- 2024-03-01 11:41:31+00:00| seen| https://t.me/ctinow/197523 2024-03-01 16:21:52+00:00| seen| https://t.me/ctinow/197769 2024-03-01 16:21:58+00:00| seen| https://t.me/ctinow/197775...
CVE-2023-2066 Announcement & Notification Banner – Bulletin <= 3.6.0 - Missing Authorization Checks
The Announcement & Notification Banner – Bulletin plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'bulletinwpupdatebulletinstatus', 'bulletinwpupdatebulletin', 'bulletinwpupdatesettings', 'bulletinwpupdatestatus',...
CVE-2023-2066 Announcement & Notification Banner – Bulletin <= 3.6.0 - Missing Authorization Checks
The Announcement & Notification Banner – Bulletin plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability check on the 'bulletinwpupdatebulletinstatus', 'bulletinwpupdatebulletin', 'bulletinwpupdatesettings', 'bulletinwpupdatestatus',...
Amazon Linux 2 : squid (ALAS-2023-2066)
The version of squid installed on the remote host is prior to 3.5.20-17. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2066 advisory. Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed...