Lucene search
+L

113 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-33224

Malicious code in bioql PyPI...

7.2CVSS6.6AI score0.00563EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-40725

Malicious code in bioql PyPI...

8.7CVSS7.1AI score0.00747EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2021-33938

Malicious code in bioql PyPI...

4.8CVSS5.4AI score0.00575EPSS
Exploits0References1
CISA KEV Catalog
CISA KEV Catalog
added 2025/08/29 12:0 a.m.16 views

Sangoma FreePBX Authentication Bypass Vulnerability

Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution...

10CVSS8.3AI score0.93286EPSS
In wildExploits21
CNNVD
CNNVD
added 2025/08/28 12:0 a.m.7 views

FreePBX 安全漏洞

FreePBX formerly known as Asterisk Management Portal is a suite of tools from the FreePBX project for configuring Asterisk an IP telephony system via a GUI web-based graphical interface. A security vulnerability exists in FreePBX version 15.0.66 and versions prior to 17.0.3, which stems from...

10CVSS7.8AI score0.93286EPSS
Exploits21References3
OSV
OSV
added 2025/07/17 8:15 p.m.2 views

CVE-2025-7752

A vulnerability was found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletedoctor.php. The manipulation of the argument did leads to sql injection. The attack may be launched remotely...

9.8CVSS5.8AI score0.00396EPSS
Exploits1References5
BDU FSTEC
BDU FSTEC
added 2025/06/09 12:0 a.m.8 views

The vulnerability of the handle_request function in the ASUS GT-AC2900 router allows a hacker to gain unauthorized access to the administrator interface.

The vulnerability of the handlerequest function in ASUS GT-AC2900 routers is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker to gain unauthorized access to the administrator interface...

10CVSS8AI score0.99393EPSS
Exploits1References4Affected Software2
RedhatCVE
RedhatCVE
added 2025/05/22 6:23 p.m.5 views

CVE-2021-23896

Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security DBSec prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to...

4.5CVSS6.9AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:50 p.m.7 views

CVE-2020-8222

A path traversal vulnerability exists in Pulse Connect Secure 9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability through Meeting...

6.8CVSS6.7AI score0.0228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 8:38 p.m.12 views

CVE-2002-2345

Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access...

7.5CVSS7.2AI score0.01398EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/01/20 12:0 a.m.9 views

The vulnerability of the administrator’s user interface function “Configuration XML” of the Continuous Integration and Delivery (CI/CD) GoCD system allows a perpetrator to increase their privileges.

The vulnerability of the “Configuration XML” user interface function in the Continuous Integration and Delivery CI/CD GoCD system is related to improper authentication. Exploiting this vulnerability allows a malicious actor to increase their privileges remotely...

9CVSS5.4AI score0.00727EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/11/01 10:15 a.m.14 views

CVE-2024-10653

IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrative privileges to inject and execute OS commands on the server...

7.2CVSS0.00563EPSS
Exploits0References2
NVD
NVD
added 2024/11/01 10:15 a.m.16 views

CVE-2024-10651

IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrator privileges to exploit this vulnerability to read arbitrary system files...

4.9CVSS0.00604EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/01 9:59 a.m.25 views

CVE-2024-10653 CHANGING Information Technology IDExpert - OS Command Injection

IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrative privileges to inject and execute OS commands on the server...

7.2CVSS0.00563EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/01 9:59 a.m.18 views

CVE-2024-10653 CHANGING Information Technology IDExpert - OS Command Injection

IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrative privileges to inject and execute OS commands on the server...

7.2CVSS7.3AI score0.00563EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/11/01 9:53 a.m.6 views

CVE-2024-10651 CHANGING Information Technology IDExpert - Arbitrary File Read through Path Traversal

IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrator privileges to exploit this vulnerability to read arbitrary system files...

4.9CVSS6.9AI score0.00604EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/01 12:0 a.m.4 views

CHANGING IDExpert 操作系统命令注入漏洞

CHANGING IDExpert is an authentication system based on zero trust and integrating various mechanisms such as FIDO, biometrics, MFA, etc. from China-based CHANGING. An operating system command injection vulnerability exists in CHANGING IDExpert versions 2.6.1 through 2.8.1.240620, which originates...

7.2CVSS8.1AI score0.00563EPSS
Exploits0References2
OSV
OSV
added 2023/12/14 4:15 p.m.2 views

CVE-2023-44279

Dell PowerProtect DD , versions prior to 7.13.0.10, LTS 7.7.5.25, LTS 7.10.1.15, 6.2.1.110 contain an OS command injection vulnerability in administrator CLI. A local high privileged attacker could potentially exploit this vulnerability, to bypass security restrictions. Exploitation may lead to a...

6.7CVSS5.8AI score0.00616EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/14 12:0 a.m.2 views

Dell PowerProtect Data Domain Operating System Command Injection Vulnerability

Dell PowerProtect Data Domain Dell PowerProtect DD is a suite of hardware appliances for data protection, backup, storage, and deduplication from Dell, USA. An operating system command injection vulnerability exists in Dell PowerProtect Data Domain, which stems from an administrator command line...

7.2CVSS7.5AI score0.01778EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/12/14 12:0 a.m.9 views

PT-2023-29186 · Dell · Dell Powerprotect Dd

Name of the Vulnerable Software and Affected Versions: Dell PowerProtect DD versions prior to 7.13.0.10 Dell PowerProtect DD LTS versions prior to 7.7.5.25 Dell PowerProtect DD LTS versions prior to 7.10.1.15 Dell PowerProtect DD version 6.2.1.110 Description: The issue concerns an OS command...

6.7CVSS6.5AI score0.00616EPSS
Exploits0References6
Rows per page
Query Builder