482 matches found
EUVD-2022-40903
Malicious code in bioql PyPI...
EUVD-2022-39276
Malicious code in bioql PyPI...
EUVD-2022-46078
Malicious code in bioql PyPI...
EUVD-2023-37826
Malicious code in bioql PyPI...
EUVD-2025-30920
Malicious code in bioql PyPI...
EUVD-2023-43486
Malicious code in bioql PyPI...
EUVD-2025-19877
Malicious code in bioql PyPI...
EUVD-2025-25319
Malicious code in bioql PyPI...
EUVD-2025-25011
Malicious code in bioql PyPI...
Code-Projects Simple Scheduling System SQL注入漏洞
Simple Scheduling System is a simple scheduling system. Simple Scheduling System has a SQL injection vulnerability that originates from the starttime/endtime parameters in the /addtime.php file not being securely filtered. An attacker can exploit this vulnerability to execute malicious SQL comman...
CVE-2025-57636
OS Command injection vulnerability in D-Link C1 2020-02-21. The sub47F028 function in jhttpd contains a command injection vulnerability via the HTTP parameter "time"...
D-Link DI-7100G OS Command Injection Vulnerability
D-Link DI-7100G is an Internet Behavior Management router for SMBs, supporting Gigabit network transfer rate some models are labeled as 100 Gigabit, equipped with 4 WAN interfaces and 1 LAN interface, built-in USB2.0 ports, and compliant with IEEE802.11n/g/b wireless standard and IEEE802.3 wired...
CVE-2025-57636
OS Command injection vulnerability in D-Link C1 2020-02-21. The sub47F028 function in jhttpd contains a command injection vulnerability via the HTTP parameter "time"...
CVE-2025-57636
OS Command injection vulnerability in D-Link C1 2020-02-21. The sub47F028 function in jhttpd contains a command injection vulnerability via the HTTP parameter "time"...
PT-2025-39210
Name of the Vulnerable Software and Affected Versions D-Link C1 versions prior to 2020-02-21 Description A command injection issue exists in the jhttpd component of the D-Link C1. The sub 47F028 function is susceptible to command injection through the time HTTP parameter. This allows for potentia...
CVE-2025-57636
OS Command injection vulnerability in D-Link C1 2020-02-21. The sub47F028 function in jhttpd contains a command injection vulnerability via the HTTP parameter "time"...
CVE-2025-57636
The CVE-2025-57636 entry describes an OS command injection in the D-Link C1 device. Affected component: jhttpd; vulnerable function sub_47F028; exploitation via the HTTP parameter time. Impact per PT-2025-39210: potential unauthorized system access. Affected versions are those prior to 2020-02-21...
CVE-2025-57636
OS Command injection vulnerability in D-Link C1 2020-02-21. The sub47F028 function in jhttpd contains a command injection vulnerability via the HTTP parameter "time"...
VulnCheck KEV: CVE-2025-34152
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02 via the 'time' parameter of the '/protocol.csp?' endpoint. The input is processed by the internal date '-s' command without rebooting or disrupting HTTP service. Unlike othe...
Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated RCE (time param)
This module exploits an unauthenticated remote command injection vulnerability in the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02. The vulnerability lies in the 'time' parameter of the time configuration endpoint, which is passed unsanitized to a shell command executed via the date -s...