13 matches found
CVE-2022-36455
TOTOLink A3600R V4.1.2cu.5182B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...
CVE-2021-36455
SQL Injection vulnerability in Naviwebs Navigate CMS 2.9 via the quicksearch parameter in \lib\packages\comments\comments.php...
CVE-2020-36455
An issue was discovered in the slock crate through 2020-11-17 for Rust. Slock unconditionally implements Send and Sync...
CVE-2024-36455
creationtimestamp| type| source ---|---|--- 2024-07-15 16:50:57+00:00| seen| https://t.me/cvedetector/873...
CVE-2024-36455
An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request...
CVE-2024-36455 Symantec Privileged Access Manager Remote Command Execution vulnerability
An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request...
CVE-2022-36455
creationtimestamp| type| source ---|---|--- 2022-08-25 18:23:21+00:00| seen| https://t.me/cibsecurity/48718...
CVE-2022-36455
TOTOLink A3600R V4.1.2cu.5182B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...
CVE-2022-36455
TOTOLink A3600R firmware 4.1.2cu.5182_B20201102 contains a command injection vulnerability in the /cstecgi.cgi endpoint where the username parameter is unsafely handled. The root cause is improper input handling in this API, enabling an attacker with local access to execute arbitrary commands wit...
CVE-2022-36455
TOTOLink A3600R V4.1.2cu.5182B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...
CVE-2020-36455
An issue was discovered in the slock crate through 2020-11-17 for Rust. Slock unconditionally implements Send and Sync...
CVE-2020-36455
The CVE-2020-36455 issue affects the Rust crate slock. The vulnerability stems from Slock unconditionally implementing Send and Sync, allowing non-Send types to be sent across threads. This can enable data races and memory corruption as various OSV/NVD entries describe the same core problem, with...
CVE-2021-36455
CVE-2021-36455 affects Naviwebs Navigate CMS 2.9. The vulnerability is a SQL Injection in the quicksearch parameter of lib/packages/comments/comments.php, caused by insufficient input filtering. Documents confirm the affected product/version and root cause; no explicit exploitation details are pr...