14 matches found
CVE-2026-28060
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX S.King stephanie-king allows PHP Local File Inclusion.This issue affects S.King: from n/a through = 1.5.3...
CVE-2026-28060
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX S.King stephanie-king allows PHP Local File Inclusion.This issue affects S.King: from n/a through = 1.5.3...
CVE-2026-28060
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX S.King stephanie-king allows PHP Local File Inclusion.This issue affects S.King: from n/a through = 1.5.3...
CVE-2024-28060
An issue was discovered in Apiris Kafeo 6.4.4. It permits DLL hijacking, allowing a user to trigger the execution of arbitrary code every time the product is executed...
CVE-2024-28060
An issue was discovered in Apiris Kafeo 6.4.4. It permits DLL hijacking, allowing a user to trigger the execution of arbitrary code every time the product is executed...
CVE-2024-28060
CVE-2024-28060 affects Apiris Kafeo 6.4.4. The issue is DLL hijacking that can allow arbitrary code execution when the product runs. Local attack vector with Low privileges required and User interaction needed, resulting in High impact on confidentiality, integrity, and availability per the provi...
CVE-2024-28060
An issue was discovered in Apiris Kafeo 6.4.4. It permits DLL hijacking, allowing a user to trigger the execution of arbitrary code every time the product is executed...
CVE-2024-28060
An issue was discovered in Apiris Kafeo 6.4.4. It permits DLL hijacking, allowing a user to trigger the execution of arbitrary code every time the product is executed...
CVE-2023-28060
Dell BIOS contains an improper input validation vulnerability (CVE-2023-28060). A local authenticated attacker with administrator privileges may exploit this to modify a UEFI variable. Affected component is BIOS firmware; root cause is input validation failure. Impact is elevation/modification of...
CVE-2022-28060
creationtimestamp| type| source ---|---|--- 2022-04-29 00:29:25+00:00| seen| https://t.me/cibsecurity/41611...
CVE-2022-28060
SQL Injection vulnerability in Victor CMS v1.0, via the username parameter to /includes/login.php...
CVE-2022-28060
SQL Injection vulnerability in Victor CMS v1.0, via the username parameter to /includes/login.php...
CVE-2022-28060
CVE-2022-28060 relates to an SQL injection in Victor CMS v1.0, exploitable via the user_name parameter of /includes/login.php. The vulnerability is documented across multiple feeds (NVD, Red Hat, CNVD, CNVD CNVD, CNVD, CNNVD, etc.) with the core issue being improper handling of user_name leading ...
CVE-2021-28060
The supplied connected sources confirm CVE-2021-28060 is a Server-Side Request Forgery in Group Office 6.4.196, allowing a remote attacker to forge GET requests to arbitrary URLs using the url parameter of group/api/upload.php. Core details provided: affected software is Group Office CRM (version...