13 matches found
CVE-2024-26068
Adobe Experience Manager 6.5.20 and earlier are affected by a stored XSS vulnerability in vulnerable form fields. The underlying issue allows attacker‑supplied scripts to execute in a victim’s browser when visiting a page containing the vulnerable field. Exploitation requires user interaction and...
Lexmark Device Embedded Web Server Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lexmark Device Embedded Web Server RCE', 'Description' = %q A unauthenticated Remote Code Execution vulnerability exists in the embedded webserve...
CVE-2023-26068

creationtimestamp| type| source
---|---|---
2023-04-11 00:22:50+00:00| seen| https://t.me/cibsecurity/61802
2023-09-19 08:50:09+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/lexmarkfaxtracesettings.rb
2025-02-06 03:13:45+00:00| seen|...

CVE-2023-26068
CVE-2023-26068 affects Lexmark devices’ embedded web server. The issue is an input validation flaw that enables unauthenticated remote code execution on affected Lexmark printers/facilities through 2023-02-19. A notable exploitation path described in sources is when no Admin user is created durin...
CVE-2023-26068
Certain Lexmark devices through 2023-02-19 mishandle Input Validation issue 2 of 4...
Lexmark Printer Multiple Input Validation Vulnerabilities (Mar 2023)
Multiple Lexmark printer devices are prone to multiple input validation vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
CVE-2022-26068 Path Traversal
This affects the package pistacheio/pistache before 0.0.3.20220425. It is possible to traverse directories to fetch arbitrary files from the server...
CVE-2022-26068
CVE-2022-26068 affects pistacheio/pistache prior to 0.0.3.20220425, enabling path traversal to fetch arbitrary files from the server. Affected component: Pistache (C++ HTTP/REST framework). Root cause: improper handling of directory paths allows traversal to restricted files. Impact: potential ex...
CVE-2021-26068
An endpoint in Atlassian Jira Server for Slack plugin from version 0.0.3 before version 2.0.15 allows remote attackers to execute arbitrary code via a template injection vulnerability...
CVE-2021-26068
CVE-2021-26068 affects the Atlassian Jira Server for Slack plugin, with vulnerable versions from 0.0.3 up to, but not including, 2.0.15. The issue is a template injection vulnerability in the plugin's endpoint that allows remote attackers to execute arbitrary code. Impact is high (C / I / A all h...
CVE-2021-26068
An endpoint in Atlassian Jira Server for Slack plugin from version 0.0.3 before version 2.0.15 allows remote attackers to execute arbitrary code via a template injection vulnerability...
CVE-2020-26068

creationtimestamp| type| source
---|---|---
2020-11-18 20:40:34+00:00| seen| https://t.me/cibsecurity/16524...

CVE-2020-26068
CVE-2020-26068 affects Cisco Telepresence CE Software and Cisco RoomOS Software. A flaw in the xAPI service due to insufficient access authorization allows an authenticated remote attacker to generate an access token for an affected device, potentially enabling experimental features that should n...