57 matches found
CVE-2026-7202
creationtimestamp| type| source ---|---|--- 2026-04-28 01:43:45+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkjhicp2472z 2026-04-28 02:02:15+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkjijf2sb72s 2026-04-28 05:00:31+00:00| seen|...
CVE-2026-7202 Totolink A8000RU CGI cstecgi.cgi setWiFiWpsStart os command injection
A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument wscDisabled leads to os command injection. The attack can be initiated remotely. The...
EUVD-2020-26530
Malware in sbrugna...
MAL-2025-7202 Malicious code in @crabas0npm/commodi-nam-corporis (npm)
The package @crabas0npm/commodi-nam-corporis was found to contain malicious code...
CVE-2025-7202
CVE-2025-7202 describes a CSRF vulnerability in Elgato Key Lights and related light products that lets an attacker host a malicious webpage to remotely control the victim’s lights. Affected software is Elgato Key Lights and related light products; root cause is CSRF. Exploitation details are not ...
Important: Red Hat Security Advisory: grafana security update
An update for grafana is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 9 : grafana (RHSA-2024:7202)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:7202 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: encoding/gob: golang:...
CVE-2024-7202 Simopro Technology WinMatrix3 Web package - SQL Injection
The query functionality of WinMatrix3 Web package from Simopro Technology lacks proper validation of user input, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents...
CVE-2024-7202 Simopro Technology WinMatrix3 Web package - SQL Injection
The query functionality of WinMatrix3 Web package from Simopro Technology lacks proper validation of user input, allowing unauthenticated remote attackers to inject SQL commands to read, modify, and delete database contents...
CVE-2024-7202
The CVE-2024-7202 entry concerns Simopro Technology’s WinMatrix3 Web package, where the query functionality lacks input validation, enabling SQL injection by unauthenticated remote attackers. The vulnerability affects the WinMatrix3 Web package and allows attackers to read, modify, and delete dat...
CVE-2023-7202
CVE-2023-7202 affects the Fatal Error Notify WordPress plugin prior to 1.5.3. The root cause is missing authorization checks and CSRF protections in the test_error AJAX action, enabling any authenticated user (e.g., a Subscriber) to trigger error emails to the site admin. This also enables CSRF e...
CVE-2023-7202 Fatal Error Notify < 1.5.3 - Subscriber+ Test Error Email Sending
The Fatal Error Notify WordPress plugin before 1.5.3 does not have authorisation and CSRF checks in its testerror AJAX action, allowing any authenticated users, such as subscriber to call it and spam the admin email address with error messages. The issue is also exploitable via CSRF...
WordPress Fatal Error Notify Plugin < 1.5.3 is vulnerable to Broken Access Control
Software Fatal Error Notify Type Plugin Vulnerable versions 1.5.3 Fixed in 1.5.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-7202 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 55ba4f7fb253 Credits Dmitrii Ignatyev Required...
Malicious code in wlwz-2312-7202 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 78c38ca4f604c0cd6965633bd5808ab3b7e1b776bfb318bbbdde7b9491328332 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Moderate: Red Hat Security Advisory: container-tools:4.0 security and bug fix update
An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
ZOHO ManageEngine ADManager Plus 路径遍历漏洞
ZOHO ManageEngine ADManager Plus is a suite of Microsoft Active Directory management software from ZOHO designed for enterprise users using Windows domains. The software assists AD administrators and helpdesk technicians with day-to-day administrative tasks, such as batch management of user...
CVE-2023-39912
CVE-2023-39912 (Zoho ManageEngine ADManager Plus) affects pre-7203 builds of ManageEngine ADManager Plus. Multiple sources describe a file disclosure/vector: administrators/Help Desk Technician can read arbitrary files on the server, via directory traversal or improper path validation in the down...
SUSE CVE-2015-7202
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 43.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via unknown vectors...
SUSE: Security Advisory (SUSE-SU-2015:2336-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:2334-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...