7 matches found
CVE-2026-8659
OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the apihost or apiport parameters during connection configuration due to insufficient input validation...
CVE-2026-8659 OS Command Injection in Rapid7 InsightConnect SQLmap Plugin
OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the apihost or apiport parameters during connection configuration due to insufficient input validation...
📄 Remote Sunrise Helper for Windows 2026.14 Live Screen Capture
Remote Sunrise Helper for Windows version 2026.14 suffers from an unauthenticated live screen capture vulnerability. !/usr/bin/env python3 Exploit Title: Remote Sunrise Helper for Windows 2026.14 - Unauthenticated Live Screen Capture Date: 2026-04-20 Exploit Author: Chokri Hammedi Software:...
CVE-2020-16171
An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. Some API endpoints on port 9877 under /api/ams/ accept an additional custom Shard header. The value of this header is afterwards used in a separate web request issued by the application itself. This can be abused to conduct...
ASUS SmartHome Gateway HG100 Denial of Service Vulnerability
ASUS SmartHome Gateway HG100 is a smart home central control gateway device from ASUS, Taiwan, China. A security vulnerability exists in the web api server on port 8080 in the ASUS SmartHome Gateway HG100 using firmware version 1.05.12 and earlier. An attacker could exploit this vulnerability to...
CVE-2018-15598
Containous Traefik 1.6.x before 1.6.6, when --api is used, exposes the configuration and secret if authentication is missing and the API's port is publicly reachable...
CVE-2007-1209
Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...