CVE-2024-57546

An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function...

CVE-2024-57546

An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function...

CMSimple 安全漏洞

CMSimple is a free content management system from CMSimple Open Source. A security vulnerability exists in CMSimple version 5.16, which stems from a vulnerability that allows a remote attacker to obtain sensitive information via a carefully crafted script that enables authenticated link...

CVE-2024-57546

CMSimple v5.16 is affected by a vulnerability in the validate link function that can allow a remote attacker to obtain sensitive information and may enable SSRF. The issue stems from insufficient protection of internal data in the link validation path. Recommended temporary mitigation: disable th...

CVE-2024-48123

The CVE-2024-48123 entry concerns the HI-SCAN 6040i Hitrax HX-03-19-I's USB Autorun feature. The vulnerability enables attackers to execute arbitrary code by uploading a crafted script from a USB device. Current connected documents reiterate this issue but do not provide specific affected version...

Termius 安全漏洞

Termius is an SSH client from Termius, Inc. A security vulnerability exists in Termius versions prior to 9.9.0 that originates from allowing a local attacker to execute arbitrary code via a specially crafted script in the DYLDINSERTLIBRARIES component...

CVE-2024-51112

Open Redirect vulnerability in Pnetlab 5.3.11 allows an attacker to manipulate URLs to redirect users to arbitrary external websites via a crafted script...

CVE-2024-51112

Open Redirect vulnerability in Pnetlab 5.3.11 allows an attacker to manipulate URLs to redirect users to arbitrary external websites via a crafted script...

CVE-2024-51112

Open Redirect vulnerability in Pnetlab 5.3.11 allows an attacker to manipulate URLs to redirect users to arbitrary external websites via a crafted script...

CVE-2024-51112

Open Redirect vulnerability in Pnetlab 5.3.11 allows an attacker to manipulate URLs to redirect users to arbitrary external websites via a crafted script...

CVE-2024-41650

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2costmap2d...

CVE-2024-41649

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the executorthread...

CVE-2024-41647

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2mppicontroller...

CVE-2024-41646

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2dwbcontroller...

Nav2 安全漏洞

Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the inclusion of an unsafe privilege vulnerability. An attacker exploiting this vulnerability could execute arbitrary code to executorthread via a carefully crafted script...

CVE-2024-41648

Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2regulatedpurepursuitcontroller...

CVE-2023-38920

CVE-2023-38920 affects Cyber Cafe Management System (CCMS) v1.0. The vulnerability is a Cross Site Scripting (XSS) flaw in the adminname parameter that allows a local attacker to execute arbitrary code via a crafted script. The connected documents consistently describe the issue as a stored/refle...

CVE-2024-51055

An issue Hoosk v1.7.1 allows a remote attacker to execute arbitrary code via a crafted script to the config.php component...

CVE-2024-51055

An issue Hoosk v1.7.1 allows a remote attacker to execute arbitrary code via a crafted script to the config.php component...

CVE-2024-51055

CVE-2024-51055 concerns Hoosk (v1.7.1). A crafted script injected into the config.php component enables remote code execution by an attacker, per multiple sources (NVD/Red Hat/CNNVD/CIRCL/CVE list). Affected software: Hoosk 1.7.1; vulnerable component: config.php. Root cause: crafted script execu...