Lucene search
K

76 matches found

Positive Technologies
Positive Technologies
added 2024/05/07 12:0 a.m.4 views

PT-2024-25124 · Roothub · Roothub

Name of the Vulnerable Software and Affected Versions: Roothub version 2.6 Description: The issue is related to a SQL injection vulnerability. This vulnerability occurs via the topic parameter in the list function. Recommendations: For Roothub version 2.6, consider restricting the use of the list...

6.3CVSS8.1AI score0.00339EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/05/07 12:0 a.m.14 views

CVE-2024-33124

Roothub v2.6 was discovered to contain a SQL injection vulnerability via the nodeTitle parameter in the parentNode function...

8.3AI score0.00503EPSS
Exploits0References1
CVE
CVE
added 2024/05/07 12:0 a.m.61 views

CVE-2024-33122

CVE-2024-33122 affects Roothub v2.6. A SQL injection vulnerability exists in the list() function via the topic parameter, caused by unsafe SQL construction. CVSS 3.1 base score 6.3 (Medium) with Low impact across confidentiality, integrity, and availability. No exploits details are provided in th...

6.3CVSS8.2AI score0.00339EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/05/07 12:0 a.m.28 views

CVE-2024-33120

Roothub v2.5 was discovered to contain an arbitrary file upload vulnerability via the customPath parameter in the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted JSP file...

8AI score0.00772EPSS
Exploits0References1
NVD
NVD
added 2024/05/06 8:15 p.m.19 views

CVE-2024-33121

Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search function...

6.3CVSS7.8AI score0.00329EPSS
Exploits0References1
OSV
OSV
added 2024/05/06 8:15 p.m.4 views

CVE-2024-33121

Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search function...

6.3CVSS5.8AI score0.00329EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/06 12:0 a.m.3 views

Roothub 安全漏洞

Roothub is a forum system developed using SSM and MySQL. A security vulnerability exists in Roothub v2.6, which was discovered to contain an SQL injection vulnerability via the "s" parameter in the search function...

6.3CVSS8.3AI score0.00329EPSS
Exploits0References2
CVE
CVE
added 2024/05/06 12:0 a.m.55 views

CVE-2024-33121

CVE-2024-33121 affects Roothub v2.6, where the SQL injection vulnerability exists in the search() function through the 's' parameter. Exploitation details are not provided in the documents, but multiple sources corroborate an SQL injection issue in Roothub v2.6. The CVSS v3.1 base score is 6.3 (M...

6.3CVSS8.2AI score0.00329EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/06 12:0 a.m.15 views

CVE-2024-33121

Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search function...

8.3AI score0.00329EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/05/06 12:0 a.m.4 views

PT-2024-25123 · Roothub · Roothub

Name of the Vulnerable Software and Affected Versions: Roothub version 2.6 Description: A SQL injection issue was discovered in Roothub via the s parameter in the search function. This allows for potential exploitation. No information is provided about the estimated number of potentially affected...

6.3CVSS8.1AI score0.00329EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/05/06 12:0 a.m.17 views

CVE-2024-33121

Roothub v2.6 was discovered to contain a SQL injection vulnerability via the 's' parameter in the search function...

8.1AI score0.00329EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.2 views

kernel: xhci: Fix null pointer dereference in remove if xHC has only one roothub

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix null pointer dereference in remove if xHC has only one roothub The remove path in xhci platform driver tries to remove and put both main and shared hcds even if only a main hcd exists one roothub This causes a null...

5.5CVSS6.3AI score0.00184EPSS
Exploits0References5
OSV
OSV
added 2022/09/16 11:23 p.m.6 views

GSD-2022-1004987 xhci: Fix null pointer dereference in remove if xHC has only one roothub

xhci: Fix null pointer dereference in remove if xHC has only one roothub This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.8 by commit...

7.2AI score
Exploits0
CNVD
CNVD
added 2022/04/15 12:0 a.m.13 views

Roothub SQL Injection Vulnerability (CNVD-2022-44243)

Roothub is a forum system developed using SSM and MySQL.Roothub suffers from a SQL injection vulnerability, which stems from the lack of validation of external input SQL statements in the s parameter of the Topics Searching feature, and can be exploited by attackers to execute illegal SQL command...

9.8CVSS5.2AI score0.01294EPSS
Exploits1References1
CNVD
CNVD
added 2022/04/15 12:0 a.m.43 views

Roothub directory traversal vulnerability

Roothub is a forum system developed using SSM and MySQL. version 2.6.0 of Roothub is vulnerable to a directory traversal vulnerability that stems from a failure to properly filter resource or file paths in the file cn/roothub/store/FileSystemStorageService in the function store in the function...

6CVSS5.3AI score0.02369EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2022/04/15 12:0 a.m.12 views

Roothub SQL Injection Vulnerability

Roothub is a forum system developed using SSM and MySQL.Roothub is vulnerable to SQL injection, which stems from the lack of validation of external input SQL statements in the s parameter of the Topics Counting feature, and can be exploited by attackers to execute illegal SQL commands to steal...

9.8CVSS5.4AI score0.01294EPSS
Exploits1References1
OSV
OSV
added 2022/04/13 3:15 p.m.4 views

CVE-2022-28052

Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...

8CVSS6AI score0.02369EPSS
Exploits1References2
NVD
NVD
added 2022/04/13 3:15 p.m.19 views

CVE-2022-28052

Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...

8CVSS0.02369EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/04/13 3:15 p.m.3 views

CVE-2022-28052

Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...

8CVSS7.4AI score0.02369EPSS
Exploits1References3
Prion
Prion
added 2022/04/13 3:15 p.m.10 views

Directory traversal

Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution...

6CVSS8.1AI score0.02369EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder