20 matches found
CVE-2026-40829
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php file's UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command, allowing for reading the whole database and changing values in a non-critical...
CVE-2026-40829
creationtimestamp | type | source
---|---|---
2026-05-27 08:11:19+00:00 | seen | https://infosec.exchange/users/certvde/statuses/116645525736344350
2026-05-27 08:12:09+00:00 | seen | https://infosec.exchange/users/certvde/statuses/116645529147227087...
CVE-2026-40829
CVE-2026-40829 describes an unauthenticated SQL Injection in the view.html.php UpdateParam function, exploitable by a high-privilege remote attacker. It can read the entire database and alter values in a non-critical table, leading to total confidentiality loss and some integrity loss. The connec...
CVE-2026-40829 Authenticated SQLi in UpdateParam function
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php file's UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command, allowing for reading the whole database and changing values in a non-critical...
CVE-2025-40829
creationtimestamp | type | source
---|---|---
2025-12-12 11:48:13+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m7rzf3brtq2q
2025-12-17 05:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-25-1124/...
EUVD-2025-40829
Malicious code in vera-sasag92-sumpek npm...
CVE-2024-40829
creationtimestamp | type | source
---|---|---
2024-07-30 02:21:01+00:00 | seen | https://t.me/cvedetector/1953
2025-03-14 19:44:55+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7628...
CVE-2024-40829
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ventura 13.6.8, watchOS 10.6. An attacker may be able to view restricted content from the lock screen...
CVE-2024-40829
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Ventura 13.6.8, watchOS 10.6. An attacker may be able to view restricted content from the lock screen...
CVE-2024-40829
The issue was addressed with improved checks. This issue is fixed in watchOS 10.6, iOS 17.6 and iPadOS 17.6, iOS 16.7.9 and iPadOS 16.7.9, macOS Ventura 13.6.8. An attacker may be able to view restricted content from the lock screen...
CVE-2024-40829
CVE-2024-40829 affects Apple platforms (watchOS, iOS/iPadOS, macOS) where an attacker may view restricted content from the lock screen. Root cause is described as the issue being addressed with improved checks. Remediations are available via patches: watchOS 10.6; iOS 17.6/iPadOS 17.6; iOS 16.7.9...
CVE-2023-40829
CVE-2023-40829 affects Tencent Enterprise Wechat Privatization versions 2.5.x–2.6.930000, describing an interface unauthorized access vulnerability in the background. CVSS v3.1 base score 7.5 (Network, L/PR:None/UI:None/S:Unchanged; Conf. High, Itg. None, Avail. None). No remediation details are ...
CVE-2023-40829
There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and 2.6.930000...
CVE-2022-40829
creationtimestamp | type | source
---|---|---
2022-10-07 14:17:14+00:00 | seen | https://t.me/cibsecurity/50956...
CVE-2022-40829
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php orlike function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2022-40829
CodeIgniter 3.x versions
CVE-2022-40829
B.C. Institute of Technology CodeIgniter =3.1.13 is vulnerable to SQL Injection via system\database\DBquerybuilder.php orlike function. Note: Multiple third parties have disputed this as not a valid vulnerability...
CVE-2021-40829
creationtimestamp | type | source
---|---|---
2021-11-23 02:20:16+00:00 | seen | https://t.me/cibsecurity/32835...
CVE-2021-40829
Connections initialized by the AWS IoT Device SDK v2 for Java versions prior to 1.4.2, Python versions prior to 1.6.1, C++ versions prior to 1.12.7 and Node.js versions prior to 1.5.3 did not verify server certificate hostname during TLS handshake when overriding Certificate Authorities CA in the...
CVE-2021-40829
CVE-2021-40829 affects AWS IoT Device SDK v2 for Java, Python, C++, and Node.js on macOS. The root cause was TLS hostname verification not being performed when clients override CA trust stores, allowing potential hostname-mismatch issues in TLS handshakes. The issue is tied to the aws-c-io submod...