CVE-2018-10825

Mimo Baby 2 devices do not use authentication or encryption for the Bluetooth Low Energy BLE communication from a Turtle to a Lilypad, which allows attackers to inject fake information about the position and temperature of a baby via a replay or spoofing attack...

SQL Injection Vulnerability in Cloud EC E-commerce System at Front-end User Comments

Cloud EC e-commerce system hereinafter referred to as Cloud EC is a set of PHP + MYSQL-based open source e-commerce system software developed independently by Cloud MYSQL e-commerce Co. Cloud EC e-commerce system SQL injection vulnerability exists in the front-end user comments. Attackers can use...

CVE-2018-9846

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "uid" parameter in an archive.php task=mail&mbox=INBOX&action=plugin.move2archive request to perform an MX IMAP injection attack by placing an IMAP...

CVE-2018-1096

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database...

CVE-2018-1096

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1. A user could use this flaw to perform an SQL injection attack on the back end database...

SQL injection vulnerability in news_show.asp page of Chengdu Firefox Technology Co.

Chengdu Firefox Technology Co., Ltd. is a set of research, promotion and development of new technology areas of the network, mainly dedicated to the enterprise information technology services of the network company. There is a SQL injection vulnerability in the newsshow.asp page of Chengdu Firefo...

Dongguan Lightspeed Network Technology Co., Ltd. website building system has SQL injection vulnerabilities

Dongguan Lightspeed Networks specializes in providing website design services for the majority of small and medium-sized enterprises, government agencies and so on. Dongguan Lightspeed Network Technology Co., Ltd. website building system has SQL injection vulnerability, attackers can use the...

MGASA-2018-0154 Updated leptonica packages fix a security vulnerability

Package leptonica has been updated to the current stable version 1.75.2 which fixes a security issue potential injection attack using gplot rootdir reported in CVE-2018-3836...

Updated leptonica packages fix a security vulnerability

Package leptonica has been updated to the current stable version 1.75.2 which fixes a security issue potential injection attack using gplot rootdir reported in CVE-2018-3836...

USN-3584-1: sensible-utils vulnerability

Gabriel Corona discovered that sensible-utils incorrectly validated strings when launcher a browser with the sensible-browser tool. A remote attacker could possibly use this issue with a specially crafted URL to conduct an argument injection attack and execute arbitrary code...

Design/Logic Flaw

webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack...

CVE-2018-7032

webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack...

CVE-2018-7032

webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack...

JEXTN Classified SQL Injection Vulnerability

Joomla! is the U.S. Open Source Matters team developed a set of open source content management system CMS, the system provides RSS feeds , site search and other features . JEXTN Classified component is used in one of the classified directory components . A SQL injection vulnerability exists in...

CVE-2017-14523

WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection attack. It uses user-entered values to redirect pages. NOTE: the vendor reports that exploitation is unlikely because the attack can only come from a local machine or from the administrator as a self attack...

CVE-2017-14523

WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection that allows host header manipulation to redirect pages. The CVE entry notes exploitation is unlikely because the attack would originate from a local machine or an administrator (self-attack). Public exploit references (Exploit-DB/Pack...

Cisco D9800 Network Transport Receiver OS Command Injection Vulnerability

A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of GUI command arguments. An attacker could exploit this...

Design/Logic Flaw

DISPUTED swt/motif/browser.c in Whitedune aka whitedune 0.30.10 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: This issue is being disputed as n...

Design/Logic Flaw

guiclient/guiclient.cpp in xTuple PostBooks 4.7.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...

CVE-2017-17515

etc/ObjectList in Metview 4.7.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a third party has indicated that the code to access this...