Lucene search

19611 matches found

RedhatCVE
added 2025/03/28 1:21 a.m., 26 views

CVE-2024-55964

An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that...

CVSS 9.8 | AI score 7.3 | EPSS 0.06268
Exploits: 2 | References: 1
CNNVD
added 2025/03/28 12:0 a.m., 2 views

Aishida Call Center System Injection Vulnerability

Aishida Call Center System is a call center system from Aishida China. An injection vulnerability exists in Aishida Call Center System 20250314 and prior versions, which originates from a command injection that could remotely launch an attack...

CVSS 6.5 | AI score 6.8 | EPSS 0.01432
Exploits: 0 | References: 5
Cvelist
added 2025/03/28 12:0 a.m., 18 views

CVE-2025-28219

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usbadv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary through a POST request...

EPSS 0.09731
Exploits: 0 | References: 1
NVD
added 2025/03/27 4:15 p.m., 14 views

CVE-2025-28138

The TOTOLINK A800R V4.1.2cu.5137B20200730 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter...

CVSS 9.8 | EPSS 0.01026
Exploits: 1 | References: 2
OSV
added 2025/03/27 4:15 p.m., 5 views

CVE-2025-28138

The TOTOLINK A800R V4.1.2cu.5137B20200730 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter...

CVSS 9.8 | AI score 6 | EPSS 0.01026
Exploits: 1 | References: 2
CVE
added 2025/03/27 12:0 a.m., 65 views

CVE-2025-28138

The CVE-2025-28138 vulnerability affects the TOTOLINK A800R router (V4.1.2cu.5137_B20200730). A pre-auth remote command execution flaw exists in the setNoticeCfg function via the NoticeUrl parameter, enabling remote code execution without authentication and impacting confidentiality, integrity, a...

CVSS 9.8 | AI score 9.7 | EPSS 0.01026
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2025/03/27 12:0 a.m., 14 views

CVE-2025-28138

The TOTOLINK A800R V4.1.2cu.5137B20200730 were found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter...

EPSS 0.01026
Exploits: 1 | References: 2
Vulnrichment
added 2025/03/27 12:0 a.m., 8 views

CVE-2025-28138

TOTOLINK A800R V4.1.2cu.5137B20200730 contains a remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter...

AI score 7.5 | EPSS 0.01026
Exploits: 1 | References: 1
CNVD
added 2025/03/27 12:0 a.m., 2 views

GPT Academic Code Issue Vulnerability

GPT Academic is an interface that provides pragmatic interactions for large language models (LLMs) such as GPT/GLM. GPT Academic suffers from a code issue vulnerability that arises from unsafe deserialization of serialized data received from users by the Latex English Error Correction Plugin feature...

CVSS 8.8 | AI score 7.6 | EPSS 0.01837
Exploits: 1 | References: 1
BDU FSTEC
added 2025/03/27 12:0 a.m., 6 views

A vulnerability in the Telnet protocol implementation of the Tenda AC7 router firmware allows a hacker to execute arbitrary commands.

The vulnerability in the Telnet protocol implementation of the Tenda AC7 router firmware lies in the lack of measures taken to sanitize data at the management level when processing the lanip parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

CVSS 6.5 | AI score 7 | EPSS 0.01786
Exploits: 0 | References: 4 | Affected Software: 1
NVD
added 2025/03/26 8:15 p.m., 15 views

CVE-2024-55964

An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that...

CVSS 9.8 | EPSS 0.06268
Exploits: 2 | References: 1
OSV
added 2025/03/26 8:15 p.m., 9 views

CVE-2024-55964

An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that...

CVSS 9.8 | AI score 7.5
Exploits: 0 | References: 1
Vulnrichment
added 2025/03/26 12:0 a.m., 11 views

CVE-2024-55964

An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that...

AI score 7.3 | EPSS 0.06268
Exploits: 2 | References: 1
CNNVD
added 2025/03/26 12:0 a.m., 3 views

Appsmith Security Vulnerability

Appsmith is an open source platform for building, deploying, and maintaining internal applications from Appsmith Open Source. A security vulnerability exists in Appsmith versions prior to 1.52 that stems from a PostgreSQL misconfiguration that could lead to remote command execution...

CVSS 9.8 | AI score 9 | EPSS 0.06268
Exploits: 2 | References: 1
CVE
added 2025/03/26 12:0 a.m., 102 views

CVE-2024-55964

CVE-2024-55964 — Appsmith RCE: A misconfigured PostgreSQL instance in the Appsmith image (pre-1.52) enables remote command execution inside the Appsmith Docker container. To exploit, an attacker must access Appsmith, log in, create a datasource, craft a query against that datasource, and execute...

CVSS 9.8 | AI score 7.5 | EPSS 0.06268
Exploits: 2 | References: 1 | Affected Software: 1
Positive Technologies
added 2025/03/26 12:0 a.m., 7 views

PT-2025-12998

Name of the Vulnerable Software and Affected Versions: Appsmith versions prior to 1.52. Description: An issue was discovered in Appsmith where an incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must...

CVSS 9.8 | AI score 7.4 | EPSS 0.06268
Exploits: 2 | References: 11
Cvelist
added 2025/03/26 12:0 a.m., 15 views

CVE-2024-55964

An issue was discovered in Appsmith before 1.52. An incorrectly configured PostgreSQL instance in the Appsmith image leads to remote command execution inside the Appsmith Docker container. The attacker must be able to access Appsmith, login to it, create a datasource, create a query against that...

EPSS 0.06268
Exploits: 2 | References: 1
Redos
added 2025/03/26 12:0 a.m., 15 views

ROS-20250326-10

A vulnerability in the Nextcloud calendar cloud software application for creating and utilizing a Nextcloud data warehouse is related to the failure to clean up line breaks and special characters in the email value in a JSON request. Exploitation of the vulnerability could allow an attacker actin...

CVSS 9.8 | AI score 7.4 | EPSS 0.32348
Exploits: 0
NVD
added 2025/03/25 2:15 p.m., 14 views

CVE-2025-29635

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/setprohibiting via the corresponding function, triggering remote command execution...

CVSS 7.2 | EPSS 0.35401
Exploits: 1 | References: 3
OSV
added 2025/03/25 2:15 p.m., 1 views

CVE-2025-29635

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to /goform/setprohibiting via the corresponding function, triggering remote command execution...

CVSS 8.8 | AI score 6.1 | EPSS 0.35401
Exploits: 1 | References: 1