21 matches found
CVE-2026-31062
CVE-2026-31062 affects UTT Aggressive 520W devices with firmware v3v1.7.7-180627. The issue is a buffer overflow in the filename parameter of the formFtpServerDirConfig function, leading to Denial of Service via crafted input. The connected sources consistently describe this as a DoS vulnerabilit...
CVE-2024-31062
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field...
CVE-2025-31062
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in redqteam Wishlist wishlist allows Retrieve Embedded Sensitive Data.This issue affects Wishlist: from n/a through = 2.1.0...
CVE-2025-31062
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in redqteam Wishlist wishlist allows Retrieve Embedded Sensitive Data.This issue affects Wishlist: from n/a through = 2.1.0...
CVE-2025-31062
CVE-2025-31062 (Wishlist WordPress plugin) : Affects Wishlist versions n/a–2.1.0. Described as Exposure of Sensitive System Information to an Unauthorized Control Sphere, allowing retrieval of embedded sensitive data. CVSSv3.1 base score 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). Exploitation det...
CVE-2025-31062 WordPress Wishlist plugin <= 2.1.0 - Sensitive Data Exposure Vulnerability
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in redqteam Wishlist wishlist allows Retrieve Embedded Sensitive Data.This issue affects Wishlist: from n/a through = 2.1.0...
WordPress Wishlist plugin <= 2.1.0 - Sensitive Data Exposure Vulnerability
Sensitive Data Exposure Vulnerability discovered by Tran Nguyen Bao KhanhVCI - VNPT in WordPress Plugin Wishlist versions = 2.1.0...
CVE-2024-31062
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field...
CVE-2024-31062
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field...
CVE-2024-31062
CVE-2024-31062 is a Cross Site Scripting vulnerability in the Insurance Management System, affected versions 1.0.0 and earlier. The issue allows a remote attacker to execute arbitrary code via the Street input field, indicating a client-side/script injection flaw in the Street field processing. T...
CVE-2023-31062
CVE-2023-31062 documents an Apache InLong Privilege Escalation vulnerability (affected versions 1.2.0–1.6.0). The issue arises from improper privilege management, allowing an attacker who has a valid but unprivileged account to escalate privileges by sending a login request (e.g., via Burp Suite)...
CVE-2023-31062 Apache InLong: Privilege escalation vulnerability for InLong
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid but unprivileged account, the exploit can be executed using Burp Suite by sending a login request and...
CVE-2023-31062 Apache InLong: Privilege escalation vulnerability for InLong
Improper Privilege Management Vulnerabilities in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. When the attacker has access to a valid but unprivileged account, the exploit can be executed using Burp Suite by sending a login request and...
GLPI Glpiinventory 1.0.1 Local File Inclusion
ADVISORY INFORMATION Exploit Title: GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Date of found: 11 Jun 2022 Application: GLPI Glpiinventory = 1.0.1 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...
GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Vulnerability
ADVISORY INFORMATION Exploit Title: GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Date of found: 11 Jun 2022 Application: GLPI Glpiinventory = 1.0.1 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...
GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion
ADVISORY INFORMATION Exploit Title: GLPI Glpiinventory v1.0.1 - Unauthenticated Local File Inclusion Date of found: 11 Jun 2022 Application: GLPI Glpiinventory = 1.0.1 Author: Nuri Çilengir Vendor Homepage: https://glpi-project.org/ Software Link:...
CVE-2022-31062 Unauthenticated Local File Inclusion
Impact A plugin public script can be used to read content of system files. Patches Upgrade to version 1.0.2. Workarounds b/deploy/index.php file can be deleted if deploy feature is not used...
CVE-2022-31062 Unauthenticated Local File Inclusion
Impact A plugin public script can be used to read content of system files. Patches Upgrade to version 1.0.2. Workarounds b/deploy/index.php file can be deleted if deploy feature is not used...
CVE-2022-31062
GLPI Inventory Plugin for GLPI is affected by an unauthenticated Local File Inclusion vulnerability in versions before 1.0.2. A public script in the plugin can be used to read system files (root cause: public file/script exposed under b/deploy/index.php path). Impact is reading contents of system...
CVE-2021-31062
...