CVE-2026-26099

Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request...

PT-2026-21266

Uncontrolled Search Path Element in Owl opds 2.2.0.4 allows Leveraging/Manipulating Configuration File Search Paths via a crafted network request...

CVE-2021-41081

Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a configuration search...

CVE-2025-14018 Unquoted Service Path in NetBT Consultancy's e-Fatura

Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura allows Leveraging/Manipulating Configuration File Search Paths, Redirect Access to Libraries. This issue affects e-Fatura: before 1.2.15...

PT-2023-28089 · Unknown · Pandora Fms

Name of the Vulnerable Software and Affected Versions: Pandora FMS versions 700 through 772 Description: The issue is related to an Uncontrolled Search Path Element vulnerability, which allows for Leveraging/Manipulating Configuration File Search Paths. This vulnerability enables access to files...

ManageEngine NCM < 12.5.465 SQLi

A SQL injection vulnerability exists in ManageEngine NCM prior to 12.5.465, due to an issue in configuration search. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 70300 C Tenable, Inc...

CVE-2021-41081

Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a configuration search...

Zoho Corporation Zoho ManageEngine Network Configuration Manager SQL注入漏洞

Zoho ManageEngine Network Configuration Manager is a network change and configuration management tool for managing the configuration of switches, routers and firewalls. A SQL injection vulnerability exists in the configuration search in Zoho ManageEngine Network Configuration Manager. No details ...

PT-2021-23074 · Zoho · Zoho Manageengine Network Configuration Manager

Name of the Vulnerable Software and Affected Versions: ManageEngine Network Configuration Manager versions prior to 125465 Description: The issue concerns a SQL Injection vulnerability in the configuration search of ManageEngine Network Configuration Manager. Recommendations: For ManageEngine...

Syntastic Code Execution Vulnerability

Syntastic vim-syntastic is a syntax-checking plugin for use on Linux systems. A security vulnerability exists in Syntastic 3.9.0 and earlier versions, which stems from the program's failure to properly handle searches of configuration files. The vulnerability can be exploited by an attacker to...