17 matches found
CVE-2026-24344 Multiple Buffer Overflows in EZCast Pro II Dongle
Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution...
EUVD-2017-4359
Malware in sbrugna...
EUVD-2025-31375
Malicious code in bioql PyPI...
EUVD-2023-50521
Malicious code in bioql PyPI...
Mezzanine CMS has a Stored Cross-Site Scripting (XSS) vulnerability in the displayable_links_js function
Mezzanine CMS, in versions prior to 6.1.1, contains a Stored Cross-Site Scripting (XSS) vulnerability in the admin interface. The vulnerability exists in the "displayable_links_js" function, which fails to properly sanitize blog post titles before including them in JSON responses served via...
Complaint Management System /admin/edit-subcategory.php File SQL Injection Vulnerability
Complaint Management System is a complaint management system. Complaint Management System suffers from a SQL injection vulnerability that originates from a lack of validation of externally-entered SQL statements in the parameter subcategory in the file /admin/edit-subcategory.php. An attacker can...
CVE-2023-23614
Pi-hole®'s Web interface based off of AdminLTE provides a central location to manage your Pi-hole. Versions 4.0 and above, prior to 5.18.3 are vulnerable to Insufficient Session Expiration. Improper use of admin WEBPASSWORD hash as "Remember me for 7 days" cookie value makes it possible for an...
CVE-2022-29669
CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/lists/zhuan...
PT-2024-12109 · Unknown · Cs-Cart Multivendor
Name of the Vulnerable Software and Affected Versions: CS-Cart MultiVendor version 4.16.1. Description: A Cross-Site Scripting (XSS) issue allows remote attackers to run arbitrary code via the product data parameter of add/edit product in the administration interface. This enables attackers to execu...
CVE-2023-46297
An issue was discovered on Mercusys MW325R EU V3 MW325REUV31.11.0 221019 devices. A WAN attacker can make the admin interface unreachable/invisible via an unauthenticated HTTP request. Verification of the data sent by the user does not occur. The web server does not crash, but the admin interface...
CVE-2024-35011
idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/infoTypedeal.php?mudi=rev&nohrefStr=close...
Campcodes Retro Cellphone Online Store SQL Injection Vulnerability
Campcodes Retro Cellphone Online Store is a retro cellphone online store by Campcodes. A SQL injection vulnerability exists in Campcodes Retro Cellphone Online Store version 1.0, which stems from the presence of unknown functionality in admin/index.php, which leads to SQL injection via the...
CommScope Arris Surfboard Sb8200 Cross-Site Request Forgery Vulnerability
The CommScope Arris Surfboard Sb8200 is a DOCSIS 3.1 modem from CommScope USA. The Arris Surfboard SB8200 suffers from a security vulnerability that stems from the lack of any protection against cross-site request forgery attacks in the software's administrative web interface. This means that an...
CVE-2020-8243
A vulnerability in the Pulse Connect Secure 9.1R8.2 admin web interface could allow an authenticated attacker to upload a custom template to perform arbitrary code execution...
PT-2019-13721 · 3Proxy +1 · 3Proxy +1
Name of the Vulnerable Software and Affected Versions: 3proxy versions prior to 0.8.13. Description: The issue is related to an out-of-bounds write in the admin interface of the webadmin.c component. Recommendations: For versions prior to 0.8.13, update to version 0.8.13 or later to resolve the...
PT-2018-10204 · Zimbra · Zimbra Collaboration Suite
Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration Suite versions 8.6.0 before Patch10; Zimbra Collaboration Suite versions 8.7.0 through 8.7.11.Patch2; Zimbra Collaboration Suite versions 8.8.0 through 8.8.7. Description: The issue allows read access to zimbraSSLPrivateKey...
Unspecified Vulnerability in Oracle iPlanet Web Server (CNVD-2017-33734)
Oracle Fusion Middleware is Oracle's business innovation platform for enterprise and cloud environments, which provides middleware, software collections, etc. Oracle iPlanet Web Server is one of the Web servers designed specifically for medium and large enterpris...