15 matches found
EUVD-2026-33297
FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJAX handler includes PHP files based on user-supplied input without path sanitization. The $_REQUEST['rawname'] parameter is concatenated into an include call with a .class.php suffix, allowing path...
TOTOLINK A3300R Command Injection Vulnerability
TOTOLINK A3300R is a wireless router produced by TOTOLINK Corporation. The TOTOLINK A3300R version 17.0.0cu.557b20221024 contains a command injection vulnerability. This vulnerability arises from improper handling of the parameter “lanIp” in the file /cgi-bin/cstecgi.cgi, which may lead to comman...
CVE-2025-69376 WordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Path Traversal. This issue affects User Extra Fields: from n/a through <= 17.0...
PT-2025-46231
Name of the Vulnerable Software and Affected Versions: SQL Anywhere Monitor Non-GUI version 17.0 versions prior to SAP Note 3666261. Description: The SQL Anywhere Monitor Non-GUI contains hard-coded credentials within its code. This allows unintended users access to resources and functionality,...
PT-2025-42181
Name of the Vulnerable Software and Affected Versions: FreePBX Endpoint Manager versions prior to 16.0.92; FreePBX Endpoint Manager versions prior to 17.0.6. Description: The software includes a Network Scanning feature that provides web-based access to nmap functionality for network device discovery...
CVE-2024-1153
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68...
CVE-2020-14709
Vulnerability in the Customer Management and Segmentation Foundation product of Oracle Retail Applications component: Card. Supported versions that are affected are 16.0, 17.0 and 18.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...
CVE-2018-3312
Vulnerability in the Oracle Retail Customer Engagement component of Oracle Retail Applications subcomponent: Segment. Supported versions that are affected are 16.0 and 17.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail...
Oracle Retail Applications Retail Customer Engagement Access Control Error Vulnerability
Oracle Retail Applications is a suite of retail applications store solutions from Oracle Corporation. The product includes inventory management, sales management and customer management, etc. Retail Customer Engagement is one of the retailer customer engagement components, mainly used to interact...
CVE-2018-2789
Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM subcomponent: Services. The supported version that is affected is 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Core - Server Framework. Whi...
Oracle Siebel CRM Siebel Engineering - Unspecified Vulnerability in Installer and Deployment Component
Oracle Siebel CRM is a set of customer relationship management solutions from Oracle USA, which includes modules for sales management, marketing management, customer service system, call center, etc. Siebel Engineering - Installer and Deployment is one of the Siebel Engineering Installer and...
CVE-2017-10263
Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful...
Oracle Siebel CRM Siebel UI Framework Component Unauthorized Operation Vulnerability (CNVD-2017-32189)
Oracle Siebel CRM is a set of customer relationship management solutions from the US company Oracle, which includes sales management, marketing management, customer service systems, call centers and other modules. Siebel UI Framework is one of the framework components based on the...
CVE-2017-10049
Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM subcomponent: Search. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Core CRM. Successful attacks require...
Visual Studio 2022 version 17.0.14 update
This security update applies to all editions of Visual Studio 2022, and will update client machines on the LTSC channel to version 17.0.14. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update t...