Lucene search
K

12 matches found

CVE
CVE
added 2026/02/13 3:39 a.m.34 views

CVE-2026-25108

Soliton Systems K.K. FileZen contains an OS command injection vulnerability (CVE-2026-25108) exploitable when the Antivirus Check Option is enabled. An authenticated user can issue a crafted HTTP request to execute arbitrary OS commands. Affected versions include FileZen 4.2.1–4.2.8 and 5.0.0–5.0...

8.8CVSS8.2AI score0.04974EPSS
In wildExploits0References3Affected Software1
CNNVD
CNNVD
added 2025/08/26 12:0 a.m.2 views

Mahara 安全漏洞

Mahara is a free and open source web-based ePortfolio management system from Mahara. A security vulnerability exists in Mahara versions 23.04.8 and 24.04.4 that stems from a learning tool interoperability login that could result in elevated privileges...

8.8CVSS6.7AI score0.00292EPSS
Exploits0References3
Prion
Prion
added 2024/03/02 3:15 a.m.19 views

Input validation

Due to insufficient server-side validation, an attacker with login privileges could access certain resources that the attacker should not have access to by changing parameter values...

4CVSS7.2AI score0.00425EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/03/01 12:0 a.m.3 views

PT-2024-2300 · Hikvision · Hikcentral Professional

Name of the Vulnerable Software and Affected Versions: HikCentral Professional affected versions not specified Description: The issue is related to insufficient server-side validation, allowing an attacker with login privileges to access certain resources by changing parameter values. This could...

4.3CVSS7.2AI score0.00425EPSS
Exploits0References8
OSV
OSV
added 2021/02/09 10:15 p.m.2 views

CVE-2020-26194

Dell EMC PowerScale OneFS versions 8.1.2 and 8.2.2 contain an Incorrect Permission Assignment for a Critical Resource vulnerability. This may allow a non-admin user with either ISIPRIVLOGINCONSOLE or ISIPRIVLOGINSSH privileges to exploit the vulnerability, leading to compromised cryptographic...

7.8CVSS7.1AI score0.0025EPSS
Exploits0References1
CNVD
CNVD
added 2018/10/25 12:0 a.m.3 views

Arbitrary File Upload Vulnerability in Metadata Platform (MetaCube) of Puyuan Information Technology Co.

Metadata Platform MetaCube of Puyuan Information Technology Co., Ltd. is a tool support for enterprises to establish metadata management system. An arbitrary file upload vulnerability exists in the MetaCube platform of Puyuan Information Technology Co. An attacker can exploit the vulnerability to...

7.3AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/05 12:0 a.m.118 views

HPE iLO 4 < 2.53 - Add New Administrator User

!/usr/bin/env python """ Exploit trigger was presented @reconbrx 2018 Vulnerability found and documented by synacktiv: https://www.synacktiv.com/posts/exploit/rce-vulnerability-in-hp-ilo.html Original advisory from HP: https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03769enus Other...

10CVSS9.5AI score0.99335EPSS
Exploits9
CNVD
CNVD
added 2017/05/25 12:0 a.m.2 views

PgBouncer Security Vulnerability

PgBouncer is a lightweight set of database connection pooling tools for PostgreSQL , it can provide a unified view of the links to the client . A security vulnerability exists in version 1.6.x of PgBouncer prior to 1.6.1. A remote attacker can exploit this vulnerability to gain login privileges...

8.1CVSS7.1AI score0.02163EPSS
Exploits0References1
CNVD
CNVD
added 2016/04/06 12:0 a.m.3 views

Rockwell Automation Integrated Architecture Builder Arbitrary Code Execution Vulnerability

Rockwell Automation Integrated Architecture Builder IAB is a Logix-based automation system for configuring industrial control systems used in Rockwell Automation. An arbitrary code execution vulnerability exists in Rockwell Automation IAB. The vulnerability can be exploited by an attacker to...

6.9CVSS8.2AI score0.00902EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

MySQL 3.20.32/3.22.x/3.23.x Null Root Password Weak Default Configuration Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. A weak default configuration problem has been reported in the Windows bina...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/05 12:0 a.m.34 views

MySQL 3.20.32/3.22.x/3.23.x - Null Root Password Weak Default Configuration (2)

/ source: https://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. A weak default configuration problem has been reported in the Windows binary release of MySQL. Reportedly,...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/08/19 12:0 a.m.45 views

MySQL 3.20.32/3.22.x/3.23.x - Null Root Password Weak Default Configuration (1)

/ source: https://www.securityfocus.com/bid/5503/info MySQL is is an open source relational database project, and is available for a number of operating systems, including Microsoft Windows. A weak default configuration problem has been reported in the Windows binary release of MySQL. Reportedly,...

7.4AI score
Exploits0
Rows per page
Query Builder