151 matches found
WordPress events-manager plugin code injection vulnerability
WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. events-manager is an events management plugin used in it. A code injection vulnerability exists in the WordPress events-manager...
Atlassian Crowd Code Injection Vulnerability
Atlassian Crowd is a Web-based single sign-on system from Atlassian Australia. The system provides authentication, authorization, and other functions for multiple users, web applications, and directory servers. A code injection vulnerability exists in Atlassian Crowd versions prior to 2.10.2, whi...
Couchbase Server Code Injection Vulnerability
Couchbase Server is a distributed open source NoSQL non-relational database from the U.S. company Couchbase , which mainly supports data query , full-text search and active global replication and other functions . A code injection vulnerability exists in Couchbase Server version 5.1.1. The...
LibreNMS Code Injection Vulnerability
LibreNMS is an open source network monitoring system based on PHP and MySQL. The system features customizable alerts , auto-discovery of the network environment and automatic updates . A code injection vulnerability exists in LibreNMS version 1.50.1, which can be exploited by an attacker to...
openITCOCKPIT Code Injection Vulnerability
openITCOCKPIT is a set of open source system monitoring tools . A code injection vulnerability exists in versions of openITCOCKPIT prior to 3.7.1. The vulnerability arises from external input data to construct code segments in the process , the network system or product is not properly filtered f...
Code Injection Vulnerability in Multiple Bitdefender Products
Bitdefender Endpoint Security Tool and others are products of the Romanian company Bitdefender.Bitdefender Endpoint Security Tool is an endpoint security management tool.Bitdefender Antivirus Plus is a suite of antivirus programs that provide network threat detection and ransomware protection...
Dolibarr ERP/CRM Command Execution Vulnerability
Dolibarr ERP/CRM is a Web-based enterprise resource planning ERP and customer relationship management CRM system from the Dolibarr Foundation in France. The system can be used to manage products, inventory, invoices, orders, and more. A code execution vulnerability exists in Dolibarr ERP/CRM. The...
xstream code injection vulnerability
xstream is an open source Java class library , it can serialize objects into XML or deserialize XML into objects . . A code injection vulnerability exists in xstream. The vulnerability stems from a network system or product that does not properly filter special elements of externally entered data...
Eclipse OpenJ9 code injection vulnerability
Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A code injection vulnerability exists in AIX builds in Eclipse OpenJ9 versions prior to 0.15.0. The vulnerability stems from a networked system or product that does not...
ProClima Code Injection Vulnerability
Schneider Electric ProClima is a heat calculation software package from Schneider Electric, France. The software provides thermal management capabilities for environmental and electrical/electronic equipment installed in control panels by analyzing specified thermal data. A code injection...
Palo Alto Networks Traps Code Injection Vulnerability
Palo Alto Networks Traps is a suite of endpoint security protection software from Palo Alto Networks, USA. A code injection vulnerability exists in Palo Alto Networks Traps 5.0.5 and prior versions. The vulnerability stems from a network system or product not properly filtering specific elements ...
SAP E-Commerce Code Injection Vulnerability
SAP E-Commerce is a set of e-commerce solutions from Germany's SAP. A code injection vulnerability exists in SAP E-Commerce, which arises from the failure of a network system or product to properly filter specific elements of externally entered data during the construction of a code segment, and...
EmpireCMS Code Injection Vulnerability
EmpireCMS Empire Content Management System is an open source content management system CMS. A code injection vulnerability exists in the admindbDoSql.php file in EmpireCMS 7.5 and earlier versions, which can be exploited by an attacker to generate illegal code snippets that modify the intended...
RICOH SP 4520DN Code Injection Vulnerability
The RICOH SP 4520DN is a multifunction printer from Ricoh Japan. A code injection vulnerability exists in the RICOH SP 4520DN, which arises from a network system or product that does not properly filter specific elements of externally inputted data during the construction of a code segment, and c...
RICOH SP 4510DN Code Injection Vulnerability
The RICOH SP 4510DN is a multifunction printer from Ricoh Japan. A code injection vulnerability exists in the RICOH SP 4510DN, which arises from a network system or product that does not properly filter specific elements of externally inputted data during the construction of a code segment, and c...
Orpak SitOmat Code Injection Vulnerability
Orpak SitOmat is a remote takeover refueling system from Orpak India. A code injection vulnerability exists in Orpak SitOmat, which arises from the failure of a network system or product to properly filter specific elements of externally inputted data during the construction of a code segment, an...
shopify-scripts: Buffer overflow in yywarning_s
PoC === The following demonstrates a crash: 300000000000000000000000000000000000000000000000E0030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 Debug...
ZZZCMS zzzphp code injection vulnerability
ZZZCMS zzzphp is a content management system CMS. A code injection vulnerability exists in ZZZCMS zzzphp v1.6.3, which originates from a network system or product that does not properly filter specific elements of externally entered data during the construction of a code segment. An attacker can...
CMS Made Simple Code Injection Vulnerability
CMS Made Simple CMSMS is an open source content management system CMS from the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A code injection vulnerability exists in CMSMS version...
Frog CMS Code Injection Vulnerability (CNVD-2019-34646)
Frog CMS is a Content Management System CMS developed by Philippe Archambault Software Developers. The system provides tools for page templates, user rights management and document management. A code injection vulnerability exists in Frog CMS. An attacker could use this vulnerability to generate...