103 matches found
CVE-2026-50233 Lyrion Music Server 9.2.0 Arbitrary Directory Listing
Lyrion Music Server 9.2.0 contains an arbitrary directory listing vulnerability in its readdirectory query, exposed through both the CLI service TCP port 9090 and the HTTP JSON-RPC endpoint /jsonrpc.js. The query accepts a folder parameter and lists its contents with no restriction to the...
EUVD-2026-34832
Lyrion Music Server 9.2.0 contains an arbitrary directory listing vulnerability in its readdirectory query, exposed through both the CLI service TCP port 9090 and the HTTP JSON-RPC endpoint /jsonrpc.js. The query accepts a folder parameter and lists its contents with no restriction to the...
CVE-2026-50233
The CVE-2026-50233 entry concerns Lyrion Music Server 9.2.0 with an arbitrary directory listing flaw in the readdirectory function. The issue is exposed via the CLI service on TCP port 9090 and the HTTP JSON-RPC endpoint at /jsonrpc.js. The vulnerable query accepts a folder parameter and returns ...
Lyrion Music Server 9.2.0 Arbitrary Directory Listing
Summary Lyrion Music Server formerly Logitech Media Server, and often abbreviated as "LMS" is open-source software which can control and serve stream music to a wide range of physical and virtual audio players called Squeezeboxes. Lyrion Music Server can stream your local music collection, intern...
EUVD-2006-0309
Malware in sbrugna...
EUVD-2006-0367
Malware in sbrugna...
EUVD-2002-0773
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-9090
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dodoublefault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment SS...
MAL-2025-9090 Malicious code in @marcos_feitoza/dashboard (npm)
The package @marcosfeitoza/dashboard was found to contain malicious code...
📄 Mobile Mouse Server 3.6.3 Remote Code Execution
Mobile Mouse Server for macOS exposes a TCP control interface on port 9090, which accepts plaintext commands to simulate keyboard input and launch applications. By default, no authentication is required, allowing a remote attacker to fully control the target system. Version 3.6.3 is affected...
CVE-2024-9090
A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file searchmember.php. The manipulation of the argument searchMember leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2020-9090
FusionAccess version 6.5.1 has an improper authorization vulnerability. A command is authorized with incorrect privilege. Attackers with other privilege can execute the command to exploit this vulnerability. This may compromise normal service of the affected product...
CVE-2017-9090
reg.php in Allen Disk 1.6 doesn't check if isset$SESSION'captcha''code'==1, which makes it possible to bypass the CAPTCHA via an empty $POST'captcha'...
PT-2025-34644 · Libbiosig +1 · Libbiosig +1
Name of the Vulnerable Software and Affected Versions: libbiosig versions 3.9.0 and Master Branch 35a819fa Description: A stack-based buffer overflow vulnerability exists in the MFER parsing functionality. A specially crafted MFER file can lead to arbitrary code execution. The vulnerability...
CVE-2024-9090
creationtimestamp| type| source ---|---|--- 2024-09-23 02:56:16+00:00| seen| https://t.me/cvedetector/6164...
CVE-2024-9090 SourceCodester Modern Loan Management System search_member.php sql injection
A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file searchmember.php. The manipulation of the argument searchMember leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2024-9090
CVE-2024-9090 affects SourceCodester Modern Loan Management System 1.0, specifically the search_member.php file. The vulnerability is a SQL injection via the searchMember parameter, enabling remote exploitation. Public disclosures exist, and several sources classify it as critical/medium dependin...
CVE-2024-9090 SourceCodester Modern Loan Management System search_member.php sql injection
A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file searchmember.php. The manipulation of the argument searchMember leads to sql injection. It is possible to launch the attack remotely. The...
CVE-2024-38346
The CloudStack cluster service runs on unauthenticated port default 9090 that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts. Some of these commands were found to have command injection vulnerabilities that can result in arbitrary code...
Ubuntu: Security Advisory (USN-2443-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...