CVE-2026-3150

creationtimestamp| type| source ---|---|--- 2026-02-25 05:27:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfnx3ohr4r2o...

Phoenix Contact CHARX SEC-3150 代码注入漏洞

The Phoenix Contact CHARX SEC-3150 is an AC charge controller from Phoenix Contact, Germany. The Phoenix Contact CHARX SEC-3150 suffers from a code injection vulnerability that originates from a low-privileged remote attacker who can perform command injection by changing the system configuration...

(Pwn2Own) Phoenix Contact CHARX SEC-3150 OCPP Authentication Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the OCPP service. The issue result...

(Pwn2Own) Phoenix Contact CHARX SEC-3150 Origin Validation Error Firewall Bypass Vulnerability

This vulnerability allows network-adjacent attackers to bypass firewall rules and access another interface on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration of firewa...

(Pwn2Own) Phoenix Contact CHARX SEC-3150 Configuration Service Missing Authentication Vulnerability

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Phoenix Contact CHARX SEC-3150 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the configuration service, which listens on TCP port 500...

PHOENIX CONTACT多款产品 操作系统命令注入漏洞

PHOENIX CONTACT CHARX SEC-3050 and others are products of PHOENIX CONTACT, Germany.PHOENIX CONTACT CHARX SEC-3050 is an AC charge controller.PHOENIX CONTACT CHARX SEC-3100 is an AC PHOENIX CONTACT CHARX SEC-3150 is an AC charge controller. An operating system command injection vulnerability exist...

CVE-2022-3150

The WP Custom Cursors WordPress plugin before 3.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin...

CVE-2021-3150

A cross-site scripting XSS vulnerability on the Delete Personal Data page in Cryptshare Server before 4.8.0 allows an attacker to inject arbitrary web script or HTML via the user name. The issue is fixed with the version 4.8.1...

CVE-2025-3150

A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been...

CVE-2025-3150

creationtimestamp| type| source ---|---|--- 2025-04-03 07:34:00+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10171 2025-04-03 11:03:13+00:00| seen| https://t.me/cvedetector/21956...

CVE-2025-3150 itning Student Homework Management System cross-site request forgery

A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been...

CVE-2025-3150 itning Student Homework Management System cross-site request forgery

A vulnerability was found in itning Student Homework Management System up to 1.2.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been...

CVE-2024-3150

creationtimestamp| type| source ---|---|--- 2025-01-09 22:15:46+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1099...

PHOENIX CONTACT CHARX SEC 安全漏洞

PHOENIX CONTACT CHARX SEC is a series of AC charge controllers from PHOENIX CONTACT, Germany. A security vulnerability exists in the PHOENIX CONTACT CHARX SEC. An attacker could exploit the vulnerability to change the device configuration. The following products are affected: CHARX SEC-3000, CHAR...

CVE-2024-3150

In mintplex-labs/anything-llm, a vulnerability exists in the thread update process that allows users with Default or Manager roles to escalate their privileges to Administrator. The issue arises from improper input validation when handling HTTP POST requests to the endpoint...

CVE-2024-3150

In mintplex-labs/anything-llm, a vulnerability exists in the thread update flow where HTTP POSTs to /workspace/:slug/thread/:threadSlug/update incorrectly validate user input before passing data to the workspace_thread Prisma model. This flaw enables users with Default or Manager roles to craft a...

SUSE CVE-2015-3150

abrt-dbus in Automatic Bug Reporting Tool ABRT allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the 1 ChownProblemDir, 2 DeleteElement, or 3 DeleteProblem method...

CVE-2023-3150

CVE-2023-3150 affects SourceCodester Online Discussion Forum Site 1.0. A vulnerability exists in the function of the file posts\manage_post.php where manipulating the id argument leads to SQL injection. The issue can be exploited remotely and the exploit has been disclosed publicly. Affected prod...

AlmaLinux 9 : thunderbird (ALSA-2023:3150)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:3150 advisory. - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofin...

Oracle Linux 9 : thunderbird (ELSA-2023-3150)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3150 advisory. 102.11.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 102.11.0-1 - Update to 102.11.0 build1 Tenable h...