CVE-2026-7721

creationtimestamp| type| source ---|---|--- 2026-05-04 06:57:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkz3srlohr2e...

CVE-2026-7721

Totolink WA300 5.2cu.7112_B20190227 is affected via /cgi-bin/cstecgi.cgi NTPSyncWithHost. The vulnerability arises from manipulating the hostTime argument in NTPSyncWithHost, enabling remote command injection. Reported exploitability is network-based with low privilege requirements and no user in...

CVE-2019-7721

lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters...

CVE-2025-7721

creationtimestamp| type| source ---|---|--- 2025-10-05 00:03:13+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3m2fsbs4vgr2j...

MAL-2025-7721 Malicious code in @crabas0npm2/soluta-mollitia-incidunt (npm)

The package @crabas0npm2/soluta-mollitia-incidunt was found to contain malicious code...

CVE-2024-7721

creationtimestamp| type| source ---|---|--- 2024-09-11 07:48:54+00:00| seen| https://t.me/cvedetector/5330 2026-01-24 22:43:56+00:00| seen| https://gist.github.com/alon710/51e33e55633030b2ffbc0584a4c712f5...

WordPress Flash & HTML5 Video Plugin <= 2.5.34 is vulnerable to Broken Access Control

Software Flash & HTML5 Video Type Plugin Vulnerable versions = 2.5.34 Fixed in 2.5.35 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7721 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 692106c3e036 Credits Lucio Sá Required...

node-oojs-tool (>=1.0.0 <=1.0.11), node-oojs-utility (>=1.0.5 <=1.2.11) +6 more potentially affected by CVE-2020-7721 via node-oojs (=1.4.0)

node-oojs NPM version =1.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on node-oojs and may be impacted: - node-oojs-tool =1.0.0, =1.0.5, =0.0.6, =0.1.0, =0.1.1, =0.1.0, =1.0.0, =1.0.5 Source cves: CVE-2020-7721 Source advisory: OSV:GHSA-J4RW-X3VG-C...

CVE-2020-7721

All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function...

CVE-2020-7721

CVE-2020-7721 affects node-oojs; vulnerable to Prototype Pollution via the setPath function. Affected: versions prior to 1.4.1 (up to 1.4.0 per advisories). Impact includes potential manipulation of Object.prototype, enabling outcomes like DoS or remote code execution in some scenarios. Remediati...

CVE-2020-7721 Prototype Pollution

All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function...

node-oojs-tool (>=1.0.0 <=1.0.11), node-oojs-utility (>=1.0.5 <=1.2.11) +6 more potentially affected by CVE-2020-7721 via node-oojs (=1.4.0)

node-oojs NPM version =1.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on node-oojs and may be impacted: - node-oojs-tool =1.0.0, =1.0.5, =0.0.6, =0.1.0, =0.1.1, =0.1.0, =1.0.0, =1.0.5 Source cves: CVE-2020-7721 Source advisory: SNYK:JS-NODEOOJS-598...

CVE-2019-7721

CVE-2019-7721 affects nc-cms 3.5. The vulnerability is in lib/NCCms.class.php where uploading a ".php" file is possible via the index.php?action=save name and editordata parameters. The connected Red Hat/NVD entries corroborate the file upload issue and the associated impact (integrity concerns)....

CVE-2019-7721

lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters...

CVE-2018-7721

CVE-2018-7721 is an XSS vulnerability in MetInfo 6.0.0. The issue lies in /feedback/index.php where input data is mishandled by app/system/feedback/web/feedback.class.php, enabling cross-site scripting. NVD metrics assign CVSSv3 base score 6.1 (MEDIUM) with NETWORK attack vector, LOW attack compl...

CVE-2016-7721

CVE-2016-7721 is rejected/not used; this candidate is not an active vulnerability entry.

CVE-2017-7721

Affected software: IrfanView 4.44 (32-bit) with FPX Plugin prior to 4.45. Vulnerability: improper processing of FlashPix (.FPX) files leads to denial of service via an access violation/crash, potentially enabling remote triggering through crafted FPX content. Root cause: described as faulty handl...

KLA11016 Denial of service vulnerability in IrfanView

An improper processing of .FPX FlashPix files was found in IrfanView 4.44 32-bit with FPX Plugin before 4.45. By exploiting this vulnerability malicious users can cause a denial of service. This vulnerability can be exploited remotely via a specially designed .FPX file. Original advisories...

CVE-2014-7721

The President Clicker aka com.flexymind.pclicker application 1.0.4 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-7721

The CVE-2014-7721 entry concerns The President Clicker (com.flexymind.pclicker) for Android v1.0.4, which fails to verify SSL X.509 certificates. The root cause is improper certificate validation, enabling an attacker to perform a man-in-the-middle attack and potentially disclose sensitive inform...