15 matches found
CVE-2022-26580
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. The attacker must have physical USB access to the device in order to exploit this vulnerability...
CVE-2024-26580
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.8.0 through 1.10.0, the attackers can use the specific payload to read from an arbitrary file. Users are advised to upgrade to Apache InLong's 1.11.0 or cherry-pick 1 to solve it. 1...
CVE-2025-26580
Cross-Site Request Forgery CSRF vulnerability in Complete SEO Page/Post Specific Social Share Buttons pagepost-specific-social-share-buttons allows Stored XSS.This issue affects Page/Post Specific Social Share Buttons: from n/a through = 2.1...
CVE-2025-26580 WordPress Page/Post Specific Social Share Buttons plugin <= 2.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery CSRF vulnerability in CompleteWebResources Page/Post Specific Social Share Buttons allows Stored XSS. This issue affects Page/Post Specific Social Share Buttons: from n/a through 2.1...
CVE-2024-26580
creationtimestamp| type| source ---|---|--- 2024-03-06 13:31:27+00:00| seen| https://t.me/ctinow/201321...
CVE-2024-26580
The CVE-2024-26580 issue affects Apache InLong 1.8.0–1.10.0 and is caused by deserialization of untrusted data, enabling a payload to read arbitrary files on the host. Impact is high confidentiality, with potential total control of data exposure per the sources. Remediation is to upgrade to InLon...
CVE-2024-26580 Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.8.0 through 1.10.0, the attackers can use the specific payload to read from an arbitrary file. Users are advised to upgrade to Apache InLong's 1.11.0 or cherry-pick 1 to solve it. 1...
CVE-2024-26580 Apache InLong: Logged-in user could exploit an arbitrary file read vulnerability
Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.8.0 through 1.10.0, the attackers can use the specific payload to read from an arbitrary file. Users are advised to upgrade to Apache InLong's 1.11.0 or cherry-pick 1 to solve it. 1...
CVE-2023-26580
creationtimestamp| type| source ---|---|--- 2023-10-25 22:39:20+00:00| seen| https://t.me/cibsecurity/72834...
CVE-2023-26580
The vulnerability CVE-2023-26580 affects IDAttend’s IDWeb application 3.1.013, allowing unauthenticated arbitrary file read and access to files on the web server. Documented impact specifies unauthenticated access with high confidentiality impact (C: High, I: None, A: None) and network/low comple...
CVE-2023-26580 Missing Authentication In IDAttend’s IDWeb Application
Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the retrieval of any file present on the web server by unauthenticated attackers...
CVE-2022-26580
creationtimestamp| type| source ---|---|--- 2022-12-17 00:24:40+00:00| seen| https://t.me/cibsecurity/54789...
CVE-2022-26580
PAX A930 device with PayDroid7.1.1VirgoV04.3.26T120210419 can allow the execution of specific command injections on selected binaries in the ADB daemon shell service. The attacker must have physical USB access to the device in order to exploit this vulnerability...
CVE-2022-26580
The CVE-2022-26580 entry concerns the PAX A930 Android-based payment terminal running PayDroid_7.1.1_Virgo_V04.3.26T1_20210419. The vulnerability allows execution of command injections in certain binaries within the ADB daemon shell service. Exploitation requires physical USB access to the device...
CVE-2021-26580
CVE-2021-26580 affects HPE iLO Amplifier Pack and describes a remote Cross-Site Scripting (XSS) vulnerability. The patch is version 1.95 or later. Multiple sources confirm XSS and the vendor-provided fix; exploitation details are not elaborated in the provided documents.