22 matches found
CVE-2026-27130 Dokploy has Command Injection in its Service Operations
Dokploy is a free, self-hostable Platform as a Service PaaS. Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input sanitization, lack of schema validation and direct shell interpolation. User-controlled application...
CVE-2025-27130
Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization vulnerability. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product...
CVE-2025-27130
creationtimestamp| type| source ---|---|--- 2025-04-01 09:32:43+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9869 2025-04-01 13:37:51+00:00| seen| https://t.me/cvedetector/21745 2025-04-06 02:03:30+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3lm4e5dljgc2x...
CVE-2025-27130
Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization vulnerability. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product...
CVE-2025-27130
Welcart e-Commerce is a WordPress plugin. The CVE-2025-27130 entry concerns an untrusted data deserialization vulnerability in Welcart e-Commerce versions 2.11.6 and earlier, enabling a remote unauthenticated attacker to execute arbitrary code on websites using the product. The root cause is tied...
Exploit for Classic Buffer Overflow in Qnap Qts
CVE-2024-27130-poc CVE-2024-27130 is a serious vulnerability...
Qnap QTS Stack-based Buffer Overflow (CVE-2024-27130)
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build...
VulnCheck KEV: CVE-2024-27130
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network...
CVE-2024-27130
CVE-2024-27130 affects QNAP QTS and QuTS hero (NAS devices) with a stack-based buffer overflow in a network-facing path. The root cause, as reported in connected exploit handling, is unsafe use of strcpy in the share.cgi No_Support_ACL function, allowing remote code execution via crafted network ...
Exploit for Classic Buffer Overflow in Qnap Qts
!Profile Visitorshttps://komarev.com/ghpvc/?username=d0rb&la...
CVE-2024-27130
creationtimestamp| type| source ---|---|--- 2024-05-17 10:46:29+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7326 2024-05-17 13:15:37+00:00| published-proof-of-concept| https://t.me/proxybar/2084 2024-05-18 01:45:02+00:00| published-proof-of-concept| https://t.me/DARKSPOTTEAM/431...
Exploit for Classic Buffer Overflow in Qnap Qts
CVE-2024-27130 A Proof of Concept developed by @watchTow...
CVE-2023-27130
creationtimestamp| type| source ---|---|--- 2023-03-16 17:30:55+00:00| seen| https://t.me/cibsecurity/60149 2025-03-03 19:31:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6269...
CVE-2023-27130
CVE-2023-27130 is a Cross Site Scripting vulnerability affecting Typecho v1.2.0. The issue allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter. The NVD metrics list a CVSS v3.1 base score of 4.8 (Medium) with Network attack vector, Low attack complexity, P...
CVE-2023-27130
Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter...
Online Reviewer System SQL Injection (CVE-2021-27130)
An SQL injection vulnerability exists in Online Reviewer System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2021-27130
Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload...
CVE-2021-27130
Online Reviewer System 1.0 is affected by a SQL injection vulnerability that stems from an authentication bypass, enabling an attacker to bypass login and potentially upload a reverse shell. The flaw is documented across multiple sources (Red Hat, CNVD/CNNVD, CVE records) as a SQL injection throu...
Cisco Patches Critical Flaw After PoC Exploit Code Release
A day after proof-of-concept PoC exploit code was published for a critical flaw in Cisco Security Manager, Cisco has hurried out a patch. Cisco Security Manager is an end-to-end security management application for enterprise administrators, which gives them the ability to enforce various security...
CVE-2020-27130
creationtimestamp| type| source ---|---|--- 2020-11-17 07:38:23+00:00| seen| https://t.me/cibsecurity/16419 2020-11-17 15:03:06+00:00| published-proof-of-concept| https://t.me/informationsecuritychannel/41688 2020-11-17 16:44:12+00:00| published-proof-of-concept| https://t.me/cibsecurity/16441...