154 matches found
EUVD-2020-29862
Malware in sbrugna...
EUVD-2010-4564
Malware in sbrugna...
EUVD-2018-6859
Malware in sbrugna...
EUVD-2021-20632
Malware in sbrugna...
CVE-2025-11337
A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform up to 2.2. This affects an unknown part of the file /aloneReport/index.do/../../aloneReport/download.do;othersusrlogout.do. Performing manipulation of the argument fileName results in path traversal. It is...
CVE-2025-11336
A security vulnerability has been detected in Four-Faith Water Conservancy Informatization Platform up to 2.2. Affected by this issue is some unknown functionality of the file /stAlarmConfigure/index.do/../../aloneReport/download.do;otherlogout.do. Such manipulation of the argument fileName leads...
CVE-2025-11337 Four-Faith Water Conservancy Informatization Platform download.do;othersusrlogout.do path traversal
A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform up to 2.2. This affects an unknown part of the file /aloneReport/index.do/../../aloneReport/download.do;othersusrlogout.do. Performing manipulation of the argument fileName results in path traversal. It is...
Four-Faith Water Conservancy Informatization Platform 路径遍历漏洞
Four-Faith Water Conservancy Informatization Platform is a water conservancy informatization system from Four-Faith. A path traversal vulnerability exists in Four-Faith Water Conservancy Informatization Platform version 2.2 and prior versions, which stems from an incorrect manipulation of the...
Four-Faith Water Conservancy Informatization Platform 路径遍历漏洞
Four-Faith Water Conservancy Informatization Platform is a water conservancy informatization system from Four-Faith. A path traversal vulnerability exists in Four-Faith Water Conservancy Informatization Platform version 2.2 and prior versions, which stems from an incorrect manipulation of the...
PT-2025-40894
Name of the Vulnerable Software and Affected Versions Four-Faith Water Conservancy Informatization Platform versions prior to 2.3 Description A path traversal issue exists in Four-Faith Water Conservancy Informatization Platform. The issue affects files including...
EUVD-2025-25756
Malicious code in bioql PyPI...
EUVD-2023-27394
Malicious code in bioql PyPI...
CVE-2025-10709
A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform 1.0. Affected by this issue is some unknown functionality of the file /history/historyDownload.do;otheruserLogin.do;getfile. The manipulation of the argument fileName results in path traversal. The attack can be...
CVE-2025-10709
A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform 1.0. Affected by this issue is some unknown functionality of the file /history/historyDownload.do;otheruserLogin.do;getfile. The manipulation of the argument fileName results in path traversal. The attack can be...
CVE-2025-52053
TOTOLINK X6000R V9.4.0cu.1360B20241207 was found to contain a command injection vulnerability in the sub417D74 function via the filename parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request...
EUVD-2025-29199
TOTOLINK X6000R V9.4.0cu.1360B20241207 was found to contain a command injection vulnerability in the sub417D74 function via the filename parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request...
CVE-2025-52053
TOTOLINK X6000R V9.4.0cu.1360B20241207 was found to contain a command injection vulnerability in the sub417D74 function via the filename parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request...
CVE-2025-52053
TOTOLINK X6000R V9.4.0cu.1360B20241207 was found to contain a command injection vulnerability in the sub417D74 function via the filename parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request...
CVE-2025-52053
TOTOLINK X6000R V9.4.0cu.1360B20241207 was found to contain a command injection vulnerability in the sub417D74 function via the filename parameter. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted request...
CVE-2025-52053
The CVE-2025-52053 entry concerns TOTOLINK X6000R firmware (version 9.4.0cu.1360_B20241207). Several connected sources confirm a command injection in the sub_417D74 function triggered by the file_name parameter, enabling unauthenticated arbitrary command execution. This is rooted in insufficient ...