15 matches found
CVE-2026-41667
creationtimestamp| type| source ---|---|--- 2026-04-22 08:28:04+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk33bs53k52h...
EUVD-2025-41667
Malicious code in arif-kacang70-kyuki npm...
CVE-2025-41667
A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute access to any file on the device...
CVE-2025-41667
creationtimestamp| type| source ---|---|--- 2025-07-08 07:11:01+00:00| seen| https://infosec.exchange/users/certvde/statuses/114816362788303261 2025-07-08 07:11:10+00:00| seen| https://bsky.app/profile/certvde.infosec.exchange.ap.brid.gy/post/3ltgqovnswf72 2025-07-08 09:22:50+00:00| seen|...
CVE-2025-41667 Phoenix Contact: File access due to the replacement of a critical file used by the arp-preinit script
A low privileged remote attacker with file access can replace a critical file used by the arp-preinit script to get read, write and execute access to any file on the device...
CVE-2023-41667
Cross-Site Request Forgery CSRF vulnerability in Ulf Benjaminsson WP-dTree plugin = 4.4.5 versions...
CVE-2022-41667
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal ExpertV3.3 Hotfi...
CVE-2024-41667
creationtimestamp| type| source ---|---|--- 2024-07-24 20:49:53+00:00| seen| https://t.me/cvedetector/1581 2024-08-01 10:18:46+00:00| seen| https://t.me/HackingInsights/8271...
CVE-2024-41667 OpenAM FreeMarker template injection
OpenAM is an open access management solution. In versions 15.0.3 and prior, the getCustomLoginUrlTemplate method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL for handling login to...
CVE-2023-41667
creationtimestamp| type| source ---|---|--- 2023-10-09 22:16:02+00:00| seen| https://t.me/cibsecurity/71850...
CVE-2023-41667 WordPress WP-dTree Plugin <= 4.4.5 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Ulf Benjaminsson WP-dTree plugin = 4.4.5 versions...
CVE-2023-41667
CVE-2023-41667: Cross-Site Request Forgery in WP-dTree plugin (WordPress) versions
CVE-2022-41667
creationtimestamp| type| source ---|---|--- 2022-11-04 15:28:04+00:00| seen| https://t.me/cibsecurity/52561...
CVE-2022-41667
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that allows adversaries with local user privileges to load a malicious DLL which could lead to execution of malicious code. Affected Products: EcoStruxure Operator Terminal ExpertV3.3 Hotfi...
CVE-2022-41667
The CVE-2022-41667 path-traversal issue affects EcoStruxure Operator Terminal Expert (V3.3 Hotfix 1 or prior) and Pro-face BLUE (V3.3 Hotfix 1 or prior). The root cause is improper limitation of a pathname to a restricted directory, allowing a user with local privileges to load a malicious DLL an...