Lucene search
+L

22 matches found

OSV
OSV
added 2026/05/18 8:58 p.m.3 views

CVE-2026-27130 Dokploy has Command Injection in its Service Operations

Dokploy is a free, self-hostable Platform as a Service PaaS. Versions 0.26.6 and below have OS command injection through the appName parameter. 3 chained issues cause this problem: inadequate input sanitization, lack of schema validation and direct shell interpolation. User-controlled application...

9.9CVSS6AI score0.00985EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/04/03 9:59 a.m.20 views

CVE-2025-27130

Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization vulnerability. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product...

8.8CVSS8AI score0.0043EPSS
Exploits0References1
Circl
Circl
added 2025/04/01 9:32 a.m.15 views

CVE-2025-27130

creationtimestamp| type| source ---|---|--- 2025-04-01 09:32:43+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9869 2025-04-01 13:37:51+00:00| seen| https://t.me/cvedetector/21745 2025-04-06 02:03:30+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3lm4e5dljgc2x...

8.8CVSS6.2AI score0.0043EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/01 8:57 a.m.9 views

CVE-2025-27130

Welcart e-Commerce 2.11.6 and earlier versions contains an untrusted data deserialization vulnerability. If this vulnerability is exploited, arbitrary code may be executed by a remote unauthenticated attacker who can access websites created using the product...

6.3CVSS7.9AI score0.0043EPSS
Exploits0References2
CVE
CVE
added 2025/04/01 8:57 a.m.98 views

CVE-2025-27130

Welcart e-Commerce is a WordPress plugin. The CVE-2025-27130 entry concerns an untrusted data deserialization vulnerability in Welcart e-Commerce versions 2.11.6 and earlier, enabling a remote unauthenticated attacker to execute arbitrary code on websites using the product. The root cause is tied...

8.8CVSS7.7AI score0.0043EPSS
Exploits0References2Affected Software1
GithubExploit
GithubExploit
added 2024/11/22 2:18 p.m.345 views

Exploit for Classic Buffer Overflow in Qnap Qts

CVE-2024-27130-poc CVE-2024-27130 is a serious vulnerability...

8.8CVSS6.7AI score0.38054EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2024/10/16 12:0 a.m.19 views

Qnap QTS Stack-based Buffer Overflow (CVE-2024-27130)

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network. We have already fixed the vulnerability in the following version: QTS 5.1.7.2770 build...

8.8CVSS6.4AI score0.38054EPSS
Exploits3References2
VulnCheck KEV
VulnCheck KEV
added 2024/05/27 12:0 a.m.3 views

VulnCheck KEV: CVE-2024-27130

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute code via a network...

8.8CVSS6.1AI score0.38054EPSS
Exploits3References1
CVE
CVE
added 2024/05/21 4:8 p.m.204 views

CVE-2024-27130

CVE-2024-27130 affects QNAP QTS and QuTS hero (NAS devices) with a stack-based buffer overflow in a network-facing path. The root cause, as reported in connected exploit handling, is unsafe use of strcpy in the share.cgi No_Support_ACL function, allowing remote code execution via crafted network ...

8.8CVSS7.2AI score0.38054EPSS
Exploits3References1Affected Software1
GithubExploit
GithubExploit
added 2024/05/21 11:14 a.m.584 views

Exploit for Classic Buffer Overflow in Qnap Qts

!Profile Visitorshttps://komarev.com/ghpvc/?username=d0rb&la...

8.8CVSS7.2AI score0.38054EPSS
Exploits3
Circl
Circl
added 2024/05/17 10:46 a.m.6 views

CVE-2024-27130

creationtimestamp| type| source ---|---|--- 2024-05-17 10:46:29+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7326 2024-05-17 13:15:37+00:00| published-proof-of-concept| https://t.me/proxybar/2084 2024-05-18 01:45:02+00:00| published-proof-of-concept| https://t.me/DARKSPOTTEAM/431...

8.8CVSS7.1AI score0.38054EPSS
Exploits3References15
GithubExploit
GithubExploit
added 2024/05/17 7:58 a.m.655 views

Exploit for Classic Buffer Overflow in Qnap Qts

CVE-2024-27130 A Proof of Concept developed by @watchTow...

8.8CVSS6.8AI score0.38054EPSS
Exploits3
Circl
Circl
added 2023/03/16 5:30 p.m.6 views

CVE-2023-27130

creationtimestamp| type| source ---|---|--- 2023-03-16 17:30:55+00:00| seen| https://t.me/cibsecurity/60149 2025-03-03 19:31:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6269...

4.8CVSS4.9AI score0.00579EPSS
Exploits1References2
CVE
CVE
added 2023/03/16 12:0 a.m.45 views

CVE-2023-27130

CVE-2023-27130 is a Cross Site Scripting vulnerability affecting Typecho v1.2.0. The issue allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter. The NVD metrics list a CVSS v3.1 base score of 4.8 (Medium) with Network attack vector, Low attack complexity, P...

4.8CVSS5.5AI score0.00579EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/03/16 12:0 a.m.14 views

CVE-2023-27130

Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter...

4.8CVSS7.5AI score0.00579EPSS
Exploits1References4
Check Point Advisories
Check Point Advisories
added 2021/04/28 12:0 a.m.28 views

Online Reviewer System SQL Injection (CVE-2021-27130)

An SQL injection vulnerability exists in Online Reviewer System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.8AI score0.02231EPSS
Exploits1
OSV
OSV
added 2021/04/14 3:15 p.m.3 views

CVE-2021-27130

Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload...

9.8CVSS7.3AI score0.02231EPSS
Exploits1References1
CVE
CVE
added 2021/04/14 2:59 p.m.45 views

CVE-2021-27130

Online Reviewer System 1.0 is affected by a SQL injection vulnerability that stems from an authentication bypass, enabling an attacker to bypass login and potentially upload a reverse shell. The flaw is documented across multiple sources (Red Hat, CNVD/CNNVD, CVE records) as a SQL injection throu...

9.8CVSS9.8AI score0.02231EPSS
Exploits1References1Affected Software1
ThreatPost
ThreatPost
added 2020/11/17 3:17 p.m.78 views

Cisco Patches Critical Flaw After PoC Exploit Code Release

A day after proof-of-concept PoC exploit code was published for a critical flaw in Cisco Security Manager, Cisco has hurried out a patch. Cisco Security Manager is an end-to-end security management application for enterprise administrators, which gives them the ability to enforce various security...

9AI score0.87719EPSS
Exploits0References16
Circl
Circl
added 2020/11/17 7:38 a.m.6 views

CVE-2020-27130

creationtimestamp| type| source ---|---|--- 2020-11-17 07:38:23+00:00| seen| https://t.me/cibsecurity/16419 2020-11-17 15:03:06+00:00| published-proof-of-concept| https://t.me/informationsecuritychannel/41688 2020-11-17 16:44:12+00:00| published-proof-of-concept| https://t.me/cibsecurity/16441...

9.1CVSS8.6AI score0.65907EPSS
Exploits0References15
Rows per page
Query Builder