20 matches found
CVE-2026-27094
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoDaddy CoBlocks coblocks allows Stored XSS. This issue affects CoBlocks: from n/a through <= 3.1.16...
CVE-2025-62724 Open OnDemand allowlist bypass using symlinks in directory downloads (TOCTOU)
Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, users can craft a "Time of Check to Time of Use" (TOCTOU) attack when downloading zip files to access files outside of the OODALLOWLIST. This vulnerability impacts sites that use the file browser allowlists in all curre...
PT-2024-36573 · Siyuan · Siyuan
Name of the Vulnerable Software and Affected Versions: Siyuan versions prior to 3.1.16 Description: Siyuan is a personal knowledge management system. The /api/asset/upload endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored Cross-Site Scripting via the file write...
WordPress Strong Testimonials plugin <= 3.1.16 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Joshua Chan (Patchstack Alliance) in WordPress Plugin Strong Testimonials versions <= 3.1.16...
CVE-2022-35265
A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability. This denial of service is in the...
PT-2022-22674 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. It can be triggered by a specially-crafted network request, allowing an attacker to send a sequence of...
PT-2022-22668 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of reques...
PT-2022-22669 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of reques...
PT-2022-22671 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. It can be triggered by a specially-crafted network request, allowing an attacker to send a sequence of...
PT-2022-22667 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of reques...
Robustel R1510 data forgery vulnerability
The Robustel R1510 is an industrial VPN router from the Chinese company Robustel. The Robustel R1510 version 3.1.16 and version 3.3.0 are vulnerable to a data forgery issue. An attacker can exploit this vulnerability to update arbitrary firmware...
Robustel R1510 buffer error vulnerability
Robustel R1510 is an industrial VPN router from Robustel China. A buffer error vulnerability exists in Robustel R1510 version 3.1.16 and 3.3.0. The vulnerability stems from a denial-of-service vulnerability in the webserver hashFirst function, where a specially crafted network request could resul...
Robustel R1510 command injection vulnerability
Robustel R1510 is an industrial VPN router from Robustel China. A command injection vulnerability exists in Robustel R1510 version 3.1.16 and 3.3.0. The vulnerability stems from a denial-of-service vulnerability in the webserver hashFirst function, where a specially crafted network request could...
Robustel R1510 operating system command injection vulnerability
The Robustel R1510 is an industrial VPN router from the Chinese company Robustel. An operating system command injection vulnerability exists in Robustel R1510 version 3.1.16 and version 3.3.0. An attacker can exploit this vulnerability to execute arbitrary commands...
Robustel R1510 buffer error vulnerability
Robustel R1510 is an industrial VPN router from Robustel China. A buffer error vulnerability exists in Robustel R1510 version 3.1.16 and 3.3.0. The vulnerability stems from a denial-of-service vulnerability in the webserver hashFirst function, where a specially crafted network request could resul...
PT-2022-22665 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. This can be triggered by a specially-crafted network request, allowing an attacker to send a sequence of...
PT-2022-22394 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A command injection issue exists in the web server's /action/import authorized keys/ functionality. This allows an attacker to execute arbitrary commands by sending specially crafted...
PT-2022-21449 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A command injection issue exists in the sysupgrade command injection functionality. This allows an attacker to execute arbitrary commands by sending a specially-crafted network request...
PT-2022-5412 · Robustel · Robustel R1510
Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. This can be triggered by a specially-crafted network request, allowing an attacker to cause a denial of...
VulnCheck KEV: CVE-2005-2848
Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter...