EUVD-2007-4533

Malware in sbrugna...

EUVD-2008-1552

Malware in sbrugna...

CVE-2023-33184

Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3...

CVE-2025-2553

A vulnerability was found in D-Link DIR-618 and DIR-605L 2.02/3.02. It has been rated as problematic. This issue affects some unknown processing of the file /goform/formVirtualServ. The manipulation leads to improper access controls. The attack needs to be approached within the local network. The...

CVE-2025-2549

A vulnerability has been found in D-Link DIR-618 and DIR-605L 2.02/3.02 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /goform/formSetPassword. The manipulation leads to improper access controls. The attack needs to be done within the local...

PT-2023-24201 · Nextcloud +1 · Nextcloud Mail +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions prior to 1.15.3 Nextcloud Mail versions prior to 2.2.5 Nextcloud Mail versions prior to 3.02 Description: A blind SSRF attack in Nextcloud Mail allowed sending GET requests to services running in the same web server...

Modesty Pdf2json 代码问题漏洞

PDF2JSON is a conversion library based on XPDF 3.02 that can be used to convert PDF pages page by page to JSON and XML formats. PDF2JSON EmbedStream::getChar suffers from a security vulnerability. An attacker could exploit this vulnerability to cause a denial of service...

Billion Smart Energy Router SG600R2 Command Execution Vulnerability

The Billion Smart Energy Router SG600R2 is a router device. A security vulnerability exists in the Billion Smart Energy Router SG600R2 using firmware version 3.02.rc6. The vulnerability can be exploited to gain root execute privileges with the help of a hidden etcro/web/adm/systemcommand.asp shel...

D-Link DIR-600M - Authentication Bypass (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CVE-2019-13101 D-Link DIR-600M Incorrect Access Control', 'Description' = %q This module attempts to find D-Link router DIR-600M which is...

Updated swftools packages fix security vulnerability

A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, due to bundled code in Gfx.cc from Xpdf 3.02 CVE-2017-7698...

CVE-2017-17639

Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter...

Sql injection

Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter...

Design/Logic Flaw

A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02...

CVE-2017-7698

The CVE-2017-7698 issue affects swftools prior to or including 0.9.2, where a Use After Free in the pdf2swf component can allow code execution via a malformed PDF. The root cause is a memory-management flaw tied to bundled code from Xpdf 3.02 (Gfx.cc), enabling remote attackers to execute arbitra...

CVE-2016-4501

Environmental Systems Corporation ESC 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors...

ESC 8832 Unauthorized Access Vulnerability

ESC 8832 is a Web-based SCADA system from ESC Corporation. A security vulnerability exists in ESC 8832 version 3.02 and earlier. A remote attacker can exploit this vulnerability to gain unauthorized access by performing a brute force attack on the parameters...

ESC 8832 Unauthorized Operation Vulnerability

ESC 8832 is a Web-based SCADA system from ESC Corporation. A security vulnerability exists in the ESC 8832 version 3.02 and prior. A remote attacker could exploit the vulnerability to make unauthorized changes to the configuration...

Cimon CmnView DLL Hijacking Vulnerability

OVERVIEW Ivan Sanchez of Wise Security has identified a DLL Hijacking vulnerability in the CIMON CmnView.exe application. CIMON, Inc. has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely with social engineering and requires local user input...

CVE-2015-0932

The ANTlabs InnGate firmware on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G devices does not require authentication for rsync sessions, which allows remote attackers to read or write to arbitrary files via TCP traffic on por...

EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection

------------------------------------------------------------------------ EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection ------------------------------------------------------------------------ Han Sahin, November 2014...