EUVD-2026-19775

File Browser has a Command Injection via Hook Runner...

EUVD-2023-28804

Malicious code in bioql PyPI...

The vulnerability of the wget_test.asp script in the D-Link DI-7300G+ router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the wgettest.asp script of the D-Link DI-7300G+ router microprogramming system is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability in the script/cgi-bin/adm.cgi of the Wavlink WL-WN579A3 router’s microprogramming system, which allows a hacker to execute arbitrary commands.

The vulnerability of the /cgi-bin/adm.cgi file in the microprogramming software for Wavlink WL-WN579A3 is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary command...

The vulnerability in the web interface of the industrial process visualization and control system, mySCADA myPRO Runtime, and the mySCADA myPRO Manager platform, allows a perpetrator to execute arbitrary code.

The vulnerability of the web interface of the industrial process visualization and control system, mySCADA myPRO Runtime, and the mySCADA myPRO Manager platform, is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this...

The vulnerability of the doPPPo function in the mainfunction.cgi script of the DrayTek Vigor 3900 router software allows a hacker to execute arbitrary commands.

The vulnerability of the doPPPo function in the mainfunction.cgi script of the DrayTek Vigor 3900 router software exists due to the failure to eliminate special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the CGI microprogramming interface of Zyxel’s GS1900 series routers allows attackers to execute arbitrary commands.

The vulnerability of the CGI microprogramming interface of Zyxel routers series GS1900 is related to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the “restore” function in the mainfunction.cgi file of the DrayTek Vigor 3900 router microprogramming system allows a hacker to execute arbitrary code.

The vulnerability of the “restore” function in the mainfunction.cgi file of the DrayTek Vigor 3900 router microprogramming system exists due to the lack of measures taken to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to...

The vulnerability of the setWanIeCfg() function (/cgi-bin/cstecgi.cgi) in the microprogramming software for TOTOLINK X5000R allows a hacker to execute any command they desire.

The vulnerability of the setWanIeCfg function /cgi-bin/cstecgi.cgi in TOTOLINK X5000R routers exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by...

The vulnerability of the newcli.php web interface of the Ruijie EG-2000SE software firewall allows a perpetrator to escalate their privileges and gain unauthorized access to protected information.

The vulnerability of the newcli.php web interface of the Ruijie EG-2000SE software gateway lies in the lack of measures taken to neutralize the special elements used in commands. Exploiting this vulnerability can allow an attacker, operating remotely, to enhance their privileges and gain...

Mlflow Security Vulnerabilities

Mlflow is an open source platform for machine learning lifecycles. A security vulnerability exists in Mlflow that stems from special elements used in operating system commands that are not properly neutralized, which allows an attacker to exploit path traversal or absolute path techniques to enab...

The vulnerability of the runtime.pingTest() function in Linksys E5600 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the runtime.pingTest function in Linksys E5600 router microprogramming software is related to the lack of measures taken to neutralize special elements used in the OS command when processing the ipurl parameter. Exploiting this vulnerability allows a remote attacker to execut...

The vulnerability of the implementation of the SSL VPN technology using the micro-programming software for network interfaces of the SMA 100 series, which allows a intruder to execute any command they desire.

The vulnerability of the implementation of the SSL VPN micro-programming system for network interfaces of SONICWALL series SMA 100 exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor ...

The vulnerability of the `get_system_log` and `get_crash_log` functions in the logread module of the GL.iNet router microprogramming solutions (GL.iNet A1300, AX1800, AXT1800, MT3000, MT2500, MT6000, MT1300, MT300N-V2, AR750S, AR750, AR300M, B1300) allows a attacker to execute arbitrary code.

The vulnerability of the getsystemlog and getcrashlog functions in the logread module of the GL.iNet routers A1300, AX1800, AXT1800, MT3000, MT2500, MT6000, MT1300, MT300N-V2, AR750S, AR750, AR300M, B1300 exists due to the lack of measures to neutralize special elements used in the operating syst...

PT-2024-1515 · Qnap · Qts +2

Name of the Vulnerable Software and Affected Versions: QTS versions prior to 5.1.4.2596 build 20231128 QTS versions prior to 4.5.4.2627 build 20231225 QuTS hero versions prior to h5.1.4.2596 build 20231128 QuTS hero versions prior to h4.5.4.2626 build 20231225 QuTScloud versions prior to...

The vulnerability of the AWSFile component in the D-Link G416 router’s microprogramming software allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the AWSFile component in the D-Link G416 router microprogramming system exists due to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with root...

The vulnerability of the flupl function in Python-based D-Link G416 router software allows a hacker to execute arbitrary code.

The vulnerability of the flupl function in D-Link G416 router software lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by connecting to port 80...

The vulnerability of the sub_4119A0 function in the microprogramming software of the TOTOLINK X6000R router allows a hacker to execute arbitrary code.

The vulnerability of the sub4119A0 function shttpd in the TOTOLINK X6000R router microprogramming system exists due to the lack of measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

The vulnerability of the cstecgi.cgi implementation in TOTOLINK X5000R router microprogramming software allows a perpetrator to execute arbitrary commands.

The vulnerability of the cstecgi.cgi microprogramming system implementation in TOTOLINK X5000R routers is related to the failure to take measures to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the microprogramming software of the Parks Fiberlink 210 exists due to the lack of measures taken to neutralize the special elements used in the operating system’s commands, allowing attackers to execute arbitrary commands on the server.

The vulnerability of the Parks Fiberlink 210 router’s microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system’s commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands on the server using t...