2 matches found
GHSA-3VWC-QWHC-3MJ7 Glances has arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration
Summary The securepopen function in glances/secure.py interprets file redirection, | pipe, and && command chaining operators in command strings. These operators are applied without any validation on the target file path, piped command, or chained command. When Application Monitoring Process AMP...
CVE-2025-63948
A SQL Injection vulnerability exists in phpMsAdmin version 2.2 in the databasemode.php file. An attacker can execute arbitrary SQL commands via the dbname parameter, potentially leading to information disclosure or database manipulation...