
1178 matches found

OSV
added 2022/05/24 6:15 a.m., 3 views

CVE-2022-1838

A vulnerability classified as critical has been found in Home Clean Services Management System 1.0. This affects an unknown part of admin/login.php. The manipulation of the argument username with the input admin%'//AND//SELECT//5383//FROM//SELECTSLEEP5JPeh//AND//'frfq%'='frfq leads to sql...

CVSS 7.2, AI score 6.9, EPSS 0.00404
Exploits 1, References 2
OSV
added 2022/05/12 8:15 p.m., 2 views

UBUNTU-CVE-2022-22971

In Spring Framework versions prior to 5.3.20+, 5.2.22+ and old unsupported versions, an application with a STOMP over WebSocket endpoint is vulnerable to a denial of service attack by an authenticated user...

CVSS 6.5, AI score 7.2, EPSS 0.00247
Exploits 0, References 3
OSV
added 2022/05/06 5:15 p.m., 3 views

CVE-2022-28165

A vulnerability in the role-based access control (RBAC) functionality of Brocade SANNav before 2.2.0 could allow an authenticated, remote attacker to access resources that they should not be able to access and perform actions that they should not be able to perform. The vulnerability exists...

CVSS 8.8, AI score 7.3, EPSS 0.00764
Exploits 0, References 1
Wordfence Blog
added 2022/04/27 4:45 p.m., 26 views

PHP Object Injection Vulnerability in Booking Calendar Plugin

On April 18, 2022, the Wordfence Threat Intelligence team initiated the responsible disclosure process for an Object Injection vulnerability in the Booking Calendar plugin for WordPress, which has over 60,000 installations. We received a response the same day and sent over our full disclosure ear...

CVSS 6.5, AI score 9.4, EPSS 0.01078
Exploits 2
CVE
added 2022/04/06 4:00 p.m., 88 views

CVE-2021-41026

CVE-2021-41026 affects Fortinet FortiWeb versions 6.4.1, 6.4.0, and 6.3.0 through 6.3.15. A relative path traversal in the FortiWeb API controller could allow an authenticated attacker to retrieve arbitrary files from the underlying filesystem via specially crafted web requests. The connected doc...

CVSS 6.5, AI score 6.3, EPSS 0.00503
Exploits 0, References 1, Affected Software 1
Packet Storm
added 2022/04/01 12:00 a.m., 287 views

WordPress Uleak Security Dashboard 1.2.3 Cross Site Scripting

Exploit Title: WordPress Plugin uleak-security-dashboard 1.2.3 - Stored Cross-Site Scripting Authenticated Date: 31-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/uleak-security-dashboard/ Version: 1.2.3 Tested on: Firefox Contact me: h at...

Exploits 0
OSV
added 2022/03/10 5:44 p.m., 2 views

CVE-2021-43970

An arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 (1043) via a .mp3;.jsp filename for a file that begins with audio data bytes. It allows an authenticated low privileged attacker to execute remote code on the target server within the context of...

CVSS 8.8, AI score 6.2, EPSS 0.00698
Exploits 1, References 2
VulnCheck KEV
added 2022/03/03 12:00 a.m., 4 views

VulnCheck KEV: CVE-2017-6740

The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload...

CVSS 9, AI score 7.4, EPSS 0.16051
Exploits 0, References 1
CNNVD
added 2022/03/02 12:00 a.m., 3 views

Fortinet FortiWLM Path Traversal Vulnerability

Fortinet FortiWLC is a wireless LAN controller from Fortinet, Inc. A path traversal vulnerability exists in Fortinet FortiWLC, which can be exploited by an authenticated attacker to retrieve arbitrary files from the underlying file system via a specially crafted Web request...

CVSS 6.5, AI score 6.7, EPSS 0.00387
Exploits 0, References 4
Microsoft CVE
added 2022/03/01 8:00 a.m., 3 views

MariaDB CONNECT Storage Engine Use-After-Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16207.

CVSS 7.8, AI score 7.7, EPSS 0.0007
Exploits 0
NVD
added 2022/02/10 6:15 p.m., 14 views

CVE-2022-0020

A stored cross-site scripting (XSS) vulnerability in the Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent JavaScript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators...

CVSS 6.8, EPSS 0.00999
Exploits 3, References 2
OSV
added 2022/01/21 7:15 p.m., 12 views

CVE-2021-33966

Cross site scripting (XSS) vulnerability in spotweb 1.4.9 allows authenticated attackers to execute arbitrary code via a crafted GET request to the login page...

CVSS 5.4, AI score 6.2
Exploits 0, References 1
SonicWall
added 2022/01/05 6:38 p.m., 6 views

SonicOS SessionID Buffer Overflow via HTTP response

A stack-based buffer overflow in the SonicOS SessionID HTTP response header allows a remote authenticated attacker to cause a Denial of Service (DoS) and potentially results in code execution in the firewall. This vulnerability affected SonicOS Gen 6 and Gen 7 firmware versions. CVE: CVE-2021-20048...

CVSS 5.3, AI score 7.6, EPSS 0.01365
Exploits 0
Prion
added 2021/12/22 7:15 p.m., 15 views

Command injection

An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this...

CVSS 9, AI score 9.3, EPSS 0.02146
Exploits 1, References 1, Affected Software 1
CVE
added 2021/12/14 1:16 p.m., 33 views

CVE-2021-3376

CVE-2021-3376 affects CuppaCMS (versions before 31 Jan 2021). An authenticated attacker can escalate privileges by sending a crafted POST request that uses the user_group_id_field parameter. The vulnerability stems from a faulty programmatic call related to privilege handling in CuppaCMS. Documen...

CVSS 8.8, AI score 8.5, EPSS 0.00884
Exploits 1, References 1, Affected Software 1
Vulnrichment
added 2021/12/08 9:55 a.m., 2 views

CVE-2021-20039

Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances...

AI score 9.2, EPSS 0.82461
Exploits 5, References 2
Cvelist
added 2021/11/29 8:25 a.m., 12 views

CVE-2021-24748 Email Before Download < 6.8 - Admin+ SQL Injection

The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the order and orderby GET parameters before using them in SQL statements, leading to authenticated SQL injection issues...

AI score 9.2, EPSS 0.00912
Exploits 2, References 1
OSV
added 2021/11/19 12:15 a.m., 3 views

CVE-2021-40130

A vulnerability in the web application of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to specify non-log files as sources for syslog reporting. This vulnerability is due to improper restriction of the syslog configuration. An attacker could exploit...

CVSS 4.9, AI score 5.8
Exploits 0, References 1
CNNVD
added 2021/10/20 12:00 a.m., 3 views

Cisco IOS XE SD-WAN Software Operating System Command Injection Vulnerability

Cisco IOS XE SD-WAN Software is a Cisco software for network management software-defined networking applied to the Cisco IOS XE network operating system. An operating system command injection vulnerability exists in the Cisco IOS XE SD-WAN CLI that stems from insufficient input validation in the...

CVSS 7.8, AI score 5.9, EPSS 0.00047
Exploits 0, References 6
SonicWall
added 2021/09/23 9:29 p.m., 8 views

Authenticated SMA100 Arbitrary Command Injection Vulnerability

Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user, which could potentially lead to code execution. CVE: CVE-2021-20035 Last updated: April 15, 2025, 3:50 p.m...

CVSS 7.2, AI score 6.7, EPSS 0.12838
Exploits 0