10 matches found
CVE-2019-25557
creationtimestamp | type | source
---|---|---
2026-03-21 15:02:52+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mhlcgbc3oj2u...
CVE-2022-25557
Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the urls parameter...
container-tools:ol8 bug fix and enhancement update
aardvark-dns 2:1.10.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 2:1.9.0-1 - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 2:1.8.0-1 - update to...
CVE-2023-25557 Server-Side Request Forgery in DataHub
DataHub is an open-source metadata platform. The DataHub frontend acts as a proxy able to forward any REST or GraphQL requests to the backend. The goal of this proxy is to perform authentication if needed and forward HTTP requests to the DataHub Metadata Store (GMS). It has been discovered that the...
CVE-2023-25557
Summary: CVE-2023-25557 affects DataHub’s frontend proxy, which forwards REST/GraphQL requests to the DataHub Metadata Store (GMS). The proxy may mishandle URL construction when relaying requests, enabling a Server-Side Request Forgery (SSRF) where an attacker could redirect a frontend-originated...
CVE-2022-25557
CVE-2022-25557 affects Tenda AX1806 v1.0.0.1. A heap overflow in the function saveParentControlInfo has been identified, which can allow an attacker to trigger a Denial of Service (DoS) via the urls parameter. The vulnerability is documented across multiple feeds (e.g., NVD/NIST, CNVD, Red Hat ad...
CMSUno 1.6.2 Remote Code Execution
!/usr/bin/env ruby Exploit Title: CMSUno 1.6.1 = 1.6.2 - Remote Code Execution Authenticated Google Dorks: inurl:uno/central.php inurl:uno/config.php inurl:uno.php intitle:"CMSUno - Login" Author: noraj Alexandre ZANNI for SEC-IT https://secit.fr Author website: https://pwn.by/noraj/ Date:...
CMSUno 1.6.2 - 'lang' Remote Code Execution (Authenticated)
Exploit Title: CMSUno 1.6.2 - 'lang/user' Remote Code Execution Authenticated Google Dorks: inurl:uno/central.php inurl:uno/config.php inurl:uno.php intitle:"CMSUno - Login" Exploit Author: noraj Alexandre ZANNI for SEC-IT https://secit.fr https://www.exploit-db.com/?author=10066 Vendor Homepage:...
CVE-2020-25557
creationtimestamp | type | source
---|---|---
2020-11-13 18:33:51+00:00 | seen | https://t.me/cibsecurity/16297...
CVE-2020-25557
CMSUno 1.6.2 is affected by a code-injection vulnerability where an attacker can inject PHP code via the username field while changing their username/password. When the attacker logs in, the injected code executes, enabling an authenticated user to run commands on the server. Public advisories (e...