3 matches found
CVE-2026-44886 Pi.Alert: Web Interface Vulnerable to Unauthenticated Blind SQL Injection
Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devices.php route accepts requests from unauthenticated users when the action URL parameter is set to...
CVE-2010-20109
CVE-2010-20109 affects Barracuda Spam & Virus Firewall, SSL VPN, and Web Application Firewall before October 2010. The flaw is a path traversal in the view_help.cgi endpoint caused by improper sanitization of the locale parameter, allowing unauthenticated remote attackers to inject traversal sequ...
Razer Synapse Local Elevation of Privilege Vulnerability (CNVD-2017-29736)
Razer Synapse is a Razer device configuration software from Razer USA. A security vulnerability exists in Razer Synapse 2.20.15.1104 and earlier versions, which stems from the program assigning weak privileges to the Devices path. A local attacker can exploit this vulnerability to gain privileges...