
19 matches found

Nuclei
added 8 hours ago, 18 views

bloofoxCMS v0.5.2.1 - SQL Injection

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit. id: CVE-2023-34753 info: name: bloofoxCMS v0.5.2.1 - SQL Injection author: theamanrawat severity: critical description: | bloofox v0.5.2.1 was...

CVSS: 9.8, AI score: 8, EPSS: 0.33243
Exploits: 1, References: 3
RedhatCVE
added yesterday, 2 views

CVE-2025-12686

Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors...

CVSS: 9.8, AI score: 8.5, EPSS: 0.00269
Exploits: 0, References: 1
Cvelist
added 2026/05/27 8:37 a.m., 24 views

CVE-2025-12686

Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors...

CVSS: 9.8, EPSS: 0.00269
Exploits: 0, References: 1
EUVD
added 2026/05/27 8:37 a.m., 8 views

EUVD-2025-209957

Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in AdminCenter in Synology BeeStation Manager BSM before 1.3.2-65648 and Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors...

CVSS: 9.8, AI score: 7.8, EPSS: 0.00269
Exploits: 0, References: 1
Vulnrichment
added 2026/05/27 8:37 a.m., 4 views

CVE-2025-12686

Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors...

CVSS: 9.8, AI score: 7.8, EPSS: 0.00269
Exploits: 0, References: 1
ATTACKERKB
added 2026/05/27 8:37 a.m., 8 views

CVE-2025-12686

Buffer copy without checking size of input 'Classic Buffer Overflow' vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors...

CVSS: 9.8, AI score: 7.8, EPSS: 0.00269
Exploits: 0, References: 2, Affected Software: 1
CVE
added 2026/05/27 8:37 a.m., 9 views

CVE-2025-12686

CVE-2025-12686 is a stack-based buffer overflow in Synology BeeStation OS and BeeStation Manager’s AdminCenter/auth_info component prior to version 1.3.2-65648. The flaw arises from a buffer copy without proper input size checking, enabling remote code execution with high impact. Public sources (...

CVSS: 9.8, AI score: 7.8, EPSS: 0.00269
Exploits: 0, References: 1, Affected Software: 1
IBM Security Bulletins
added 2022/10/06 4:10 a.m., 30 views

Security Bulletin: IBM WebSphere Application Server Liberty shipped with IBM Tivoli Netcool Impact is vulnerable to information disclosure when the adminCenter-1.0 feature has been enabled (CVE-2022-22393)

Summary IBM WebSphere Application Server Liberty is used by IBM Tivoli Netcool Impact as the application server host. Information about a security vulnerability affecting IBM WebSphere Application Server Liberty has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-22393...

CVSS: 6.5, AI score: 5, EPSS: 0.00302
Exploits: 0, Affected Software: 1
IBM Security Bulletins
added 2022/09/09 2:50 a.m., 29 views

Security Bulletin: Multiple vulnerabilities in WebSphere Liberty affect SPSS Collaboration and Deployment Services

Summary There are multiple vulnerabilities in WebSphere Liberty used by SPSS Collaboration and Deployment Services. These issues have been addressed. Vulnerability Details CVEID:CVE-2022-22475 DESCRIPTION: IBM WebSphere Application Server Liberty and Open Liberty 17.0.0.3 through 22.0.0.5 are...

AI score: 7, EPSS: 0.00302
Exploits: 0, Affected Software: 1
CNVD
added 2022/05/16 12:0 a.m., 25 views

IBM WebSphere Application Server Liberty Information Disclosure Vulnerability (CNVD-2022-63368)

IBM WebSphere Application Server Liberty is a Java application server from IBM built on top of the Open Liberty project. IBM WebSphere Application Server Liberty is vulnerable to an information disclosure vulnerability. The vulnerability stems from the fact that when...

CVSS: 6.5, AI score: 1.8, EPSS: 0.00302
Exploits: 0, References: 1
OSV
added 2022/05/13 5:15 p.m., 1 views

CVE-2022-22393

IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078...

CVSS: 6.5, AI score: 7.2, EPSS: 0.00302
Exploits: 0, References: 2
Prion
added 2022/05/13 5:15 p.m., 11 views

Design/Logic Flaw

IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078...

CVSS: 3.5, AI score: 6.2, EPSS: 0.00302
Exploits: 0, References: 2, Affected Software: 1
CVE
added 2022/05/13 4:15 p.m., 104 views

CVE-2022-22393

CVE-2022-22393 affects IBM WebSphere Application Server Liberty when adminCenter-1.0 is enabled; an authenticated user could query HTTP/HTTPS port status exposed by the server. Affected Liberty range is 17.0.0.3–22.0.0.5. IBM bulletins document the vulnerability details and state remediation is t...

CVSS: 6.5, AI score: 6.3, EPSS: 0.00302
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2022/05/13 4:15 p.m., 13 views

CVE-2022-22393

IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078...

CVSS: 3.1, AI score: 6.3, EPSS: 0.00302
Exploits: 0, References: 2
IBM Security Bulletins
added 2022/05/12 2:43 p.m., 22 views

Security Bulletin: IBM WebSphere Application Server Liberty is vulnerable to an Information Disclosure (CVE-2022-22393)

Summary IBM WebSphere Application Server Liberty is vulnerable to an information disclosure with the adminCenter-1.0 feature enabled. This has been addressed. Vulnerability Details CVEID: CVE-2022-22393 DESCRIPTION: IBM WebSphere Application Server Liberty, with the adminCenter-1.0 feature...

CVSS: 6.5, AI score: 0.5, EPSS: 0.00302
Exploits: 0, Affected Software: 1
ATTACKERKB
added 2022/05/12 12:0 a.m., 5 views

CVE-2022-22393

IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5, with the adminCenter-1.0 feature configured, could allow an authenticated user to issue a request to obtain the status of HTTP/HTTPS ports which are accessible by the application server. IBM X-Force ID: 222078...

CVSS: 6.5, AI score: 6.1, EPSS: 0.00302
Exploits: 0, References: 3, Affected Software: 1
securityvulns
added 2011/04/19 12:0 a.m., 65 views

HTB22932: Multiple XSS in webSPELL

Vulnerability ID: HTB22932. Reference: http://www.htbridge.ch/advisory/multiplexssinwebspell.html. Product: webSPELL. Vendor: http://www.webspell.org/. Vulnerable Version: 4.2.2a. Vendor Notification: 05 April 2011. Vulnerability Type: XSS Cross Site Scripting. Risk level: Mediu...

AI score: 0.2
Exploits: 0
0day.today
added 2010/10/14 12:0 a.m., 38 views

bloofoxCMS - (AdminCenter) Local File Inclusion

Exploit for php platform in category web applications. bloofoxCMS - AdminCenter Local File Inclusion...

AI score: 7.1
Exploits: 0
Cvelist
added 2008/02/05 1:0 a.m., 10 views

CVE-2008-0575

Cross-site request forgery CSRF vulnerability in admin/admincenter.php in webSPELL 4.01.02 allows remote attackers to assign the superadmin privilege level to arbitrary accounts as administrators via an "update member" action...

AI score: 7.1, EPSS: 0.00129
Exploits: 0, References: 3