Lucene search
+L

195 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-20065

Malware in sbrugna...

9CVSS8.6AI score0.02739EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-1979

Malware in sbrugna...

9CVSS8.6AI score0.02224EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2025-19331

Malicious code in bioql PyPI...

6.3CVSS6.4AI score0.00598EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-28371

Malicious code in bioql PyPI...

9.8CVSS6.4AI score0.01626EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-27446

Malicious code in bioql PyPI...

7.2CVSS4.9AI score0.00907EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-1820

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.02484EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/08/30 6:21 p.m.10 views

CVE-2025-50428

In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the includes/hostapd.php script. The vulnerability is due to improper sanitizing of user input passed via the interface parameter...

9.8CVSS7.6AI score0.01626EPSS
Exploits2References1
NVD
NVD
added 2025/08/27 5:15 p.m.6 views

CVE-2025-50428

In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the includes/hostapd.php script. The vulnerability is due to improper sanitizing of user input passed via the interface parameter...

9.8CVSS0.01626EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2025/08/27 12:0 a.m.2 views

CVE-2025-50428

In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the includes/hostapd.php script. The vulnerability is due to improper sanitizing of user input passed via the interface parameter...

7.1AI score0.01626EPSS
Exploits2References2
CNNVD
CNNVD
added 2025/08/27 12:0 a.m.5 views

raspap-webgui 安全漏洞

raspap-webgui is a wireless router setup software from RaspAP open source. A security vulnerability exists in raspap-webgui 3.3.2 and earlier versions, which stems from the hostapd.php script not clearing the interface parameter, which could lead to a command injection attack...

9.8CVSS7AI score0.01626EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.11 views

PT-2025-34904 · Unknown · Raspap Raspap-Webgui

Name of the Vulnerable Software and Affected Versions: RaspAP raspap-webgui versions prior to 3.3.3 Description: A command injection issue exists in the includes/hostapd.php script due to improper sanitization of user input passed via the interface parameter. Recommendations: Update RaspAP...

9.8CVSS7AI score0.01626EPSS
Exploits2References5
Cvelist
Cvelist
added 2025/08/27 12:0 a.m.13 views

CVE-2025-50428

In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the includes/hostapd.php script. The vulnerability is due to improper sanitizing of user input passed via the interface parameter...

0.01626EPSS
Exploits2References2
CVE
CVE
added 2025/08/27 12:0 a.m.29 views

CVE-2025-50428

The CVE-2025-50428 issue affects RaspAP raspap-webgui, where the includes/hostapd.php script does not properly sanitize the interface parameter, enabling a command injection. Reported impacts include arbitrary code execution with www-data privileges and potential privilege escalation. Documented ...

9.8CVSS7.6AI score0.01626EPSS
Exploits2References2Affected Software1
OSV
OSV
added 2025/08/27 12:0 a.m.8 views

CVE-2025-50428

In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the includes/hostapd.php script. The vulnerability is due to improper sanitizing of user input passed via the interface parameter...

9.8CVSS7.6AI score0.01626EPSS
Exploits2References4
GithubExploit
GithubExploit
added 2025/08/13 8:8 p.m.311 views

Exploit for CVE-2025-50428

!CVEhttps://img.shields.io/badge/CVE-2025--50428-high?style=f...

9.8CVSS9.2AI score0.01626EPSS
Exploits2
Veracode
Veracode
added 2025/06/30 12:49 p.m.11 views

Directory Traversal

billz/raspap-webgui is vulnerable to Directory Traversal. The vulnerability is due to improper input validation due to the entity parameter in ajax/networking/getwgkey.php allowing crafted POST requests that leverage the tee command to overwrite arbitrary files writable by the web server...

6.3CVSS6.4AI score0.00598EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/06/29 12:6 a.m.43 views

CVE-2025-44163

RaspAP raspap-webgui 3.3.1 is vulnerable to Directory Traversal in ajax/networking/getwgkey.php. An authenticated attacker can send a crafted POST request with a path traversal payload in the entity parameter to overwrite arbitrary files writable by the web server via abuse of the tee command use...

6.3CVSS6.5AI score0.00598EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2025/06/27 3:31 p.m.21 views

raspap-webgui has a Directory Traversal vulnerability

RaspAP raspap-webgui 3.3.1 is vulnerable to Directory Traversal in ajax/networking/getwgkey.php. An authenticated attacker can send a crafted POST request with a path traversal payload in the entity parameter to overwrite arbitrary files writable by the web server via abuse of the tee command use...

6.3CVSS7.2AI score0.00598EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2025/06/27 3:31 p.m.11 views

GHSA-277F-37GW-9GMQ raspap-webgui has a Directory Traversal vulnerability

RaspAP raspap-webgui 3.3.1 is vulnerable to Directory Traversal in ajax/networking/getwgkey.php. An authenticated attacker can send a crafted POST request with a path traversal payload in the entity parameter to overwrite arbitrary files writable by the web server via abuse of the tee command use...

8.7CVSS7.2AI score0.00598EPSS
Exploits1References5
NVD
NVD
added 2025/06/27 2:15 p.m.7 views

CVE-2025-44163

RaspAP raspap-webgui 3.3.1 is vulnerable to Directory Traversal in ajax/networking/getwgkey.php. An authenticated attacker can send a crafted POST request with a path traversal payload in the entity parameter to overwrite arbitrary files writable by the web server via abuse of the tee command use...

6.3CVSS0.00598EPSS
Exploits1References2
Rows per page
Query Builder