Lucene search

61 matches found

Circl
added 2 days ago, 6 views

CVE-2026-5241

creationtimestamp | type | source
---|---|---
2026-06-03 15:19:47+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mnffunrsrm2e...

CVSS 9.6, AI score 7.2, EPSS 0.0007
Exploits 1, References 1
RedhatCVE
added 2025/05/22 5:41 p.m., 4 views

CVE-2020-5807

An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpy_s if a local user opens FactoryTalk Diagnosti...

CVSS 7.5, AI score 6.8, EPSS 0.04219
Exploits 0, References 1
RedhatCVE
added 2025/05/22 2:34 a.m., 6 views

CVE-2010-5241

Multiple untrusted search path vulnerabilities in Autodesk AutoCAD 2010 allow local users to gain privileges via a Trojan horse (1) dwmapi.dll or (2) IBFS32.DLL file in the current working directory, as demonstrated by a directory that contains a .dwg file. NOTE: the provenance of this information is...

CVSS 6.9, AI score 6.8, EPSS 0.00315
Exploits 0, References 1
RedhatCVE
added 2025/02/05 3:36 p.m., 6 views

CVE-2020-5241

matestack-ui-core RubyGem before 0.7.4 is vulnerable to XSS/Script injection. This vulnerability is patched in version 0.7.4...

CVSS 7.7, AI score 6.9, EPSS 0.00337
Exploits 1
Vulnrichment
added 2024/05/23 7:0 a.m., 12 views

CVE-2024-5241 Huashi Private Cloud CDN Live Streaming Acceleration Server ipconfig_new.php os command injection

A vulnerability was found in Huashi Private Cloud CDN Live Streaming Acceleration Server up to 20240520. It has been classified as critical. Affected is an unknown function of the file /manager/ipconfig_new.php. The manipulation of the argument dev leads to os command injection. It is possible to...

CVSS 5.8, AI score 7.4, EPSS 0.00562
Exploits 0, References 4
CVE
added 2024/05/23 7:0 a.m., 65 views

CVE-2024-5241

CVE-2024-5241 affects Huashi Private Cloud CDN Live Streaming Acceleration Server (up to 20240520). The vulnerability is in an unknown function of the file /manager/ipconfig_new.php, where manipulation of the dev argument leads to OS command injection. It can be exploited remotely, and the exploi...

CVSS 5.8, AI score 5.3, EPSS 0.00562
Exploits 0, References 4
Cvelist
added 2024/05/23 7:0 a.m., 17 views

CVE-2024-5241 Huashi Private Cloud CDN Live Streaming Acceleration Server ipconfig_new.php os command injection

A vulnerability was found in Huashi Private Cloud CDN Live Streaming Acceleration Server up to 20240520. It has been classified as critical. Affected is an unknown function of the file /manager/ipconfig_new.php. The manipulation of the argument dev leads to os command injection. It is possible to...

CVSS 5.8, AI score 5.3, EPSS 0.00562
Exploits 0, References 4
CNNVD
added 2024/01/09 12:0 a.m., 2 views

TOTOLINK T6 Access Control Error Vulnerability

TOTOLINK T6 is a wireless dual-band router from China's Gion Electronics TOTOLINK. An access control error vulnerability exists in TOTOLINK T6 version 4.1.9cu.5241B20210923, which originates from an access control error in the file /cgi-bin/cstecgi.cgi. An attacker could exploit this vulnerabilit...

CVSS 6.5, AI score 6.6, EPSS 0.00195
Exploits 1, References 4
Positive Technologies
added 2023/12/31 12:0 a.m., 2 views

PT-2023-8245 · Totolink · Totolink T6

Name of the Vulnerable Software and Affected Versions: Totolink T6 version 4.1.9cu.5241 B20210923 Description: A critical issue has been found in the Totolink T6 mesh system, related to a buffer overflow when handling the v41 parameter in the /cgi-bin/cstecgi.cgi?action=login API endpoint. This c...

CVSS 10, AI score 9.8, EPSS 0.00468
Exploits 1, References 8
Circl
added 2023/10/20 7:34 a.m., 2 views

CVE-2023-5241

creationtimestamp | type | source
---|---|---
2023-10-20 07:34:54+00:00 | seen | https://t.me/cibsecurity/72637
2025-06-12 15:34:17+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/18193...

CVSS 9.6, AI score 8.6, EPSS 0.02449
Exploits 2, References 2
NVD
added 2023/10/20 2:15 a.m., 20 views

CVE-2023-5646

Rejected reason: REJECT DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-5241. Reason: This record is a reservation duplicate of CVE-2023-5241. Notes: All CVE users should reference CVE-2023-5241 instead of this record. All references and descriptions in this record have been removed to prevent...

AI score 8.8
Exploits 2
Cvelist
added 2023/10/19 5:34 a.m., 25 views

CVE-2023-5241 AI ChatBot <= 4.8.9 and 4.9.2 - Authenticated (Subscriber+) Directory Traversal to Arbitrary File Write via qcld_openai_upload_pagetraining_file

The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when...

CVSS 9.6, AI score 8.6, EPSS 0.02449
Exploits 2, References 3
CVE
added 2023/10/19 5:34 a.m., 93 views

CVE-2023-5241

CVE-2023-5241 affects the WordPress AI ChatBot plugin. It is a Directory Traversal via the function qcld_openai_upload_pagetraining_file, enabling subscriber-level attackers to append PHP code to existing server files (e.g., wp-config.php), with potential DoS. Affected versions are up to 4.8.9 a...

CVSS 9.6, AI score 8.3, EPSS 0.02449
Exploits 2, References 4, Affected Software 1
Vulnrichment
added 2023/10/19 5:34 a.m., 7 views

CVE-2023-5241

The AI ChatBot for WordPress is vulnerable to Directory Traversal in versions up to, and including, 4.8.9 as well as 4.9.2 via the qcld_openai_upload_pagetraining_file function. This allows subscriber-level attackers to append "<?php" to any existing file on the server resulting in potential DoS when...

CVSS 9.6, AI score 7.2, EPSS 0.02449
Exploits 2, References 4
Patchstack
added 2023/10/12 12:0 a.m., 17 views

WordPress ChatBot Plugin <= 4.8.9 is vulnerable to Path Traversal

Software: ChatBot; Type: Plugin; Vulnerable versions: <= 4.8.9; Fixed in: 4.9.1; OWASP Top 10: A3: Injection; Classification: Path Traversal; CVE: CVE-2023-5241; Patch priority: High; CVSS severity: High (9.6); PSID: 066f9b5875d8; Credits: Marco Wotschka; Required privilege: Subscriber; Published ...

CVSS 9.6, AI score 6.7, EPSS 0.02449
Exploits 2, References 3, Affected Software 1
Tenable Nessus
added 2022/01/20 12:0 a.m., 241 views

Ubuntu 18.04 LTS : QtSvg vulnerabilities (USN-5241-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5241-1 advisory. It was discovered that QtSvg incorrectly handled certain malformed SVG images. If a user or automated system were tricked into opening a specially crafte...

CVSS 7.1, AI score 7.2, EPSS 0.013
Exploits 2, References 4
Tenable Nessus
added 2021/12/22 12:0 a.m., 41 views

RHEL 8 : kernel-rt (RHSA-2021:5241)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:5241 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...

CVSS 4.7, AI score 6.7, EPSS 0.00019
Exploits 0, References 5
OSV
added 2020/12/29 4:15 p.m., 1 views

CVE-2020-5807

An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpy_s if a local user opens FactoryTalk Diagnosti...

CVSS 7.5, AI score 7.2
Exploits 0, References 1
NVD
added 2020/12/29 4:15 p.m., 11 views

CVE-2020-5807

An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpy_s if a local user opens FactoryTalk Diagnosti...

CVSS 7.5, AI score 7.4, EPSS 0.04219
Exploits 0, References 1
Prion
added 2020/12/29 4:15 p.m., 16 views

Code injection

An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in the log entry, which can cause an unhandled exception in wcscpy_s if a local user opens FactoryTalk Diagnosti...

CVSS 5, AI score 7.4, EPSS 0.04219
Exploits 0, References 1, Affected Software 1