CVE-2024-50631

Improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability in the system syncing daemon in Synology Drive Server before 3.0.4-12699, 3.2.1-23280, 3.5.0-26085 and 3.5.1-26102 allows remote attackers to inject SQL commands, limited to write operations, via...

CVE-2024-26085 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2024-26085 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79)

Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting XSS vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page...

CVE-2023-26085

creationtimestamp| type| source ---|---|--- 2023-06-29 20:14:33+00:00| seen| https://t.me/cibsecurity/65737...

CVE-2023-26085

A possible out-of-bounds read and write due to an improper length check of shared memory was discovered in Arm NN Android-NN-Driver before 23.02...

CVE-2023-26085

A possible out-of-bounds read and write due to an improper length check of shared memory was discovered in Arm NN Android-NN-Driver before 23.02...

CVE-2023-26085

CVE-2023-26085 affects Arm NN Android-NN-Driver, with vulnerable code path in CopyTensorContentsGeneric inside WorkloadUtils.hpp. The issue arises from an improper length check on shared memory, enabling an out-of-bounds read/write. Some connected sources specify Arm NN-Android-NN-Driver before 2...

CVE-2023-26085

A possible out-of-bounds read and write due to an improper length check of shared memory was discovered in Arm NN Android-NN-Driver before 23.02...

CVE-2022-26085

creationtimestamp| type| source ---|---|--- 2022-05-12 20:42:04+00:00| seen| https://t.me/cibsecurity/42518...

CVE-2022-26085

InRouter302 (InHand Networks) V3.5.4 contains an OS command injection in the httpd wlscan_ASP function. TALOS-2022-1473 documents that an authenticated HTTP request can trigger arbitrary command execution via the wlscan_ASP path, using nvram-derived values and popen to execute system commands. CV...

Atlassian Confluence Server Arbitrary File Read (CVE-2021-26085; CVE-2021-26086)

An arbitrary file read vulnerability exists in Atlassian Confluence Server. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to access and read arbitrary file...

MariaDB: Path Traversal CVE-2021-26086 CVE-2021-26085

These vulnerabilities were found with https://trickest.com https://trickest.io CVE-2021-26085: ===================== https://jira.mariadb.org:/s/123cfx//;/WEB-INF/web.xml CVE-2021-26086: ===================== https://jira.mariadb.org/s/cfx//;/WEB-INF/web.xml Video explanation: -------------------...

Exploit for Forced Browsing in Atlassian Confluence_Data_Center

CVE-2021-26085 Atlassian Confluence Server 7.5.1 Pre-Authoriza...

Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read

Exploit Title: Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read Date: 2021-10-05 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: version 7.4.10 and 7.5.0 ≤ versio...

Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read Vulnerability

Exploit Title: Atlassian Confluence 7.12.2 - Pre-Authorization Arbitrary File Read Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.atlassian.com/ Software Link: https://www.atlassian.com/software/confluence/download-archives Version: version 7.4.10 and 7.5.0 ≤ version 7.12.3 Tested o...

Atlassian Confluence Server 7.5.1 Arbitrary File Read

Exploit Title: Atlassian Confluence Server 7.5.1 Pre-Authorization Arbitrary File Read vulnerability Date: 2021-10-05 Exploit Author: Mayank Deshmukh Author email: [email protected] Vendor Homepage: https://www.atlassian.com/ Software Link:...

CVE-2021-26085

creationtimestamp| type| source ---|---|--- 2021-08-03 07:27:39+00:00| seen| https://t.me/cibsecurity/26724 2021-10-12 05:12:34+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/679 2021-10-13 10:34:16+00:00| published-proof-of-concept| https://t.me/BlueRedTeam/1124 2021-10-13...

CVE-2021-26085

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3...

CVE-2021-26085

CVE-2021-26085 affects Atlassian Confluence Server. It is a Pre-Authorization Arbitrary File Read via the /s/ endpoint, allowing remote attackers to view restricted resources. Affected versions are before 7.4.10, and 7.5.0 before 7.12.3; fixes are in 7.4.10 and 7.12.3. Public PoCs and demonstrati...

Pre-Authorization Arbitrary File Read in /s/ endpoint - CVE-2021-26085

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3. This vulnerability was...