EUVD-2021-34719

Positive Technologies MaxPatrol 8 and XSpider contain a remote denial-of-service vulnerability in the client communication service on TCP port 2002. The service generates a new session identifier for each incoming connection without adequately limiting concurrent requests. An unauthenticated remo...

CVE-2024-29224

An OS command injection vulnerability exists in the NAT parameter of GoCast 1.1.3. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability...

CVE-2023-32637

GBrowse accepts files with any formats uploaded and places them in the area accessible through unauthenticated web requests. Therefore, anyone who can upload files through the product may execute arbitrary code on the server...

MagnusBilling 操作系统命令注入漏洞

MagnusBilling is a fast, secure, efficient, and highly available VOIP billing from MagnusSolution open source. An operating system command injection vulnerability exists in MagnusSolution MagnusBilling versions 6.x , 7.x that originates from allowing remote attackers to run arbitrary commands via...

CVE-2020-13915

Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n,...