
15 matches found

EUVD
added 2026/05/29 12:42 p.m. | 12 views

EUVD-2026-33297

FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJAX handler includes PHP files based on user-supplied input without path sanitization. The $_REQUEST['rawname'] parameter is concatenated into an include call with a .class.php suffix, allowing path...

CVSS: 7.6 | AI score: 6 | EPSS: 0.00272
Exploits: 0 | References: 1

CNNVD
added 2026/03/29 12:0 a.m. | 8 views

TOTOLINK A3300R Command Injection Vulnerability

TOTOLINK A3300R is a wireless router produced by TOTOLINK Corporation. The TOTOLINK A3300R version 17.0.0cu.557b20221024 contains a command injection vulnerability. This vulnerability arises from improper handling of the parameter “lanIp” in the file /cgi-bin/cstecgi.cgi, which may lead to comman...

CVSS: 8.8 | AI score: 6.6 | EPSS: 0.02179
Exploits: 1 | References: 5

Vulnrichment
added 2026/02/20 3:46 p.m. | 1 view

CVE-2025-69376 WordPress User Extra Fields plugin <= 17.0 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish User Extra Fields wp-user-extra-fields allows Path Traversal. This issue affects User Extra Fields: from n/a through <= 17.0...

AI score: 5.4 | EPSS: 0.00518
Exploits: 0 | References: 1

Positive Technologies
added 2025/11/11 12:0 a.m. | 7 views

PT-2025-46231

Name of the Vulnerable Software and Affected Versions: SQL Anywhere Monitor Non-GUI version 17.0 versions prior to SAP Note 3666261. Description: The SQL Anywhere Monitor Non-GUI contains hard-coded credentials within its code. This allows unintended users access to resources and functionality,...

CVSS: 10 | AI score: 8 | EPSS: 0.00647
Exploits: 0 | References: 19

Positive Technologies
added 2025/10/14 12:0 a.m. | 8 views

PT-2025-42181

Name of the Vulnerable Software and Affected Versions: FreePBX Endpoint Manager versions prior to 16.0.92; FreePBX Endpoint Manager versions prior to 17.0.6. Description: The software includes a Network Scanning feature that provides web-based access to nmap functionality for network device discovery...

CVSS: 8.6 | AI score: 6.8 | EPSS: 0.00649
Exploits: 0 | References: 4

RedhatCVE
added 2025/05/23 9:25 a.m. | 9 views

CVE-2024-1153

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Talya Informatics Travel APPS allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Travel APPS: before v17.0.68...

CVSS: 4.6 | AI score: 5.9 | EPSS: 0.00288
Exploits: 0 | References: 1

OSV
added 2020/07/15 6:15 p.m. | 2 views

CVE-2020-14709

Vulnerability in the Customer Management and Segmentation Foundation product of Oracle Retail Applications component: Card. Supported versions that are affected are 16.0, 17.0 and 18.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

CVSS: 7.1 | AI score: 5.8 | EPSS: 0.01032
Exploits: 0 | References: 1

OSV
added 2019/04/23 7:32 p.m. | 3 views

CVE-2018-3312

Vulnerability in the Oracle Retail Customer Engagement component of Oracle Retail Applications subcomponent: Segment. Supported versions that are affected are 16.0 and 17.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail...

CVSS: 5.5 | AI score: 5.8 | EPSS: 0.00875
Exploits: 0 | References: 1

CNVD
added 2019/04/17 12:0 a.m. | 2 views

Oracle Retail Applications Retail Customer Engagement Access Control Error Vulnerability

Oracle Retail Applications is a suite of retail applications store solutions from Oracle Corporation. The product includes inventory management, sales management and customer management, etc. Retail Customer Engagement is one of the retailer customer engagement components, mainly used to interact...

CVSS: 6 | AI score: 6.6 | EPSS: 0.00875
Exploits: 0 | References: 1

OSV
added 2018/04/19 2:29 a.m. | 1 view

CVE-2018-2789

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM subcomponent: Services. The supported version that is affected is 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Core - Server Framework. Whi...

CVSS: 5 | AI score: 7.3 | EPSS: 0.01002
Exploits: 0 | References: 2

CNVD
added 2018/01/22 12:0 a.m. | 4 views

Oracle Siebel CRM Siebel Engineering - Unspecified Vulnerability in Installer and Deployment Component

Oracle Siebel CRM is a set of customer relationship management solutions from Oracle USA, which includes modules for sales management, marketing management, customer service system, call center, etc. Siebel Engineering - Installer and Deployment is one of the Siebel Engineering Installer and...

CVSS: 4.3 | AI score: 6.8 | EPSS: 0.0095
Exploits: 0 | References: 1

OSV
added 2017/10/19 5:29 p.m. | 3 views

CVE-2017-10263

Vulnerability in the Siebel UI Framework component of Oracle Siebel CRM subcomponent: UIF Open UI. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful...

CVSS: 8.2 | AI score: 7.3 | EPSS: 0.01406
Exploits: 0 | References: 2

CNVD
added 2017/10/18 12:0 a.m. | 1 view

Oracle Siebel CRM Siebel UI Framework Component Unauthorized Operation Vulnerability (CNVD-2017-32189)

Oracle Siebel CRM is a set of customer relationship management solutions from Oracle Corporation of the United States, which includes sales management, marketing management, customer service systems, call centers and other modules. Siebel UI Framework is one of the framework components based on the...

CVSS: 6.1 | AI score: 6.5 | EPSS: 0.01032
Exploits: 0 | References: 1

OSV
added 2017/08/08 3:29 p.m. | 2 views

CVE-2017-10049

Vulnerability in the Siebel Core CRM component of Oracle Siebel CRM subcomponent: Search. Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel Core CRM. Successful attacks require...

CVSS: 6.1 | AI score: 7.3 | EPSS: 0.0142
Exploits: 0 | References: 3

Microsoft Security Update
added 1970/01/01 3:0 a.m. | 16 views

Visual Studio 2022 version 17.0.14 update

This security update applies to all editions of Visual Studio 2022, and will update client machines on the LTSC channel to version 17.0.14. The client machines must be enabled to receive this administrator update, and by default Visual Studio must be closed on the client in order for the update t...

AI score: 0.9
Exploits: 0