Lucene search
K

428 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:40 p.m.8 views

CVE-2020-6119

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The byear parameter in the page CheckDuplicateStudent.php is vulnerable to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8CVSS8.1AI score0.01403EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:24 p.m.7 views

CVE-2020-27236

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the compnomenclature parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.8CVSS7.6AI score0.00876EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:24 p.m.9 views

CVE-2020-27229

A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findPersonID parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this...

8.8CVSS8.1AI score0.00806EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:24 p.m.9 views

CVE-2020-27230

A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findSector parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection An attacker can make an authenticated HTTP request to trigger this...

8.8CVSS7.8AI score0.00806EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:24 p.m.7 views

CVE-2020-27232

An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8CVSS7.9AI score0.01037EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/22 3:12 p.m.7 views

CVE-2020-13525

The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTablesAjax is vulnerable to SQL injection in ProcessMaker 3.4.11. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability...

8.8CVSS7.8AI score0.01682EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 6:48 p.m.10 views

CVE-2017-16284

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

9.9CVSS7.7AI score0.00673EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:47 p.m.11 views

CVE-2017-16280

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

9.9CVSS7.7AI score0.00673EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:45 p.m.9 views

CVE-2017-16260

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

9.9CVSS7.7AI score0.00853EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:45 p.m.6 views

CVE-2017-16286

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

9.9CVSS7.7AI score0.00673EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:44 p.m.7 views

CVE-2017-16277

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

9.9CVSS7.7AI score0.00673EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:44 p.m.9 views

CVE-2017-16283

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

9.9CVSS7.7AI score0.00673EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:44 p.m.10 views

CVE-2017-16292

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

9.9CVSS7.7AI score0.00673EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 6:42 p.m.10 views

CVE-2017-16290

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

9.9CVSS7.7AI score0.00673EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 1:7 a.m.8 views

CVE-2024-28027

Three OS command injection vulnerabilities exist in the web interface I/O configuration functionality of MC Technologies MC LR Router 2.10.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

7.2CVSS7.7AI score0.07504EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/04 11:17 p.m.7 views

CVE-2024-39367

An os command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

9.1CVSS7.7AI score0.08248EPSS
Exploits1References1
OSV
OSV
added 2025/01/14 3:15 p.m.4 views

CVE-2024-39799

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

7.2CVSS6AI score0.01276EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.2 views

CVE-2024-39787

Multiple directory traversal vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A directory traversal...

7.2CVSS7.4AI score
Exploits0References2
OSV
OSV
added 2025/01/14 3:15 p.m.4 views

CVE-2024-39786

Multiple directory traversal vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to permission bypass. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A directory traversal...

7.2CVSS7.4AI score0.0243EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.4 views

CVE-2024-39784

Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...

7.2CVSS6AI score0.06193EPSS
Exploits1References2
Rows per page
Query Builder