57 matches found

CVE
added 2021/06/01 9:45 a.m. | 35 views

CVE-2021-33180

Synology Media Server, in the cgi component, is affected by CVE-2021-33180 (pre-1.8.1-2876) due to improper neutralization of input in an SQL command, allowing remote attackers to execute arbitrary SQL via unspecified vectors. Public details consistently cite a SQL injection vulnerability with re...

CVSS 9.8 | AI score 9.8 | EPSS 0.00341
Exploits: 0 | References: 1 | Affected Software: 1

exploitpack
added 2017/07/19 12:0 a.m. | 26 views

Sonicwall Secure Remote Access 8.1.0.2-14sv - Command Injection

Sonicwall Secure Remote Access 8.1.0.2-14sv - Command Injection Sonicwall Secure Remote Access SRA - Command Injection Vulnerabilities Vendor: Sonicwall Dell Product: Secure Remote Access SRA Version: 8.1.0.2-14sv Platform: Embedded Linux Discovery: Russell Sanford of Critical Start...

CVSS 10 | AI score 9.9 | EPSS 0.24523
Exploits: 5

NVD
added 2017/02/22 5:59 a.m. | 14 views

CVE-2016-9684

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to a Remote Command Injection vulnerability in its web administrative interface. This vulnerability occurs in the 'viewcert' CGI /cgi-bin/viewcert component responsible for processing SSL certificate information. The CGI...

CVSS 10 | AI score 9.9 | EPSS 0.0662
Exploits: 2 | References: 4

Prion
added 2017/02/22 5:59 a.m. | 7 views

Command injection

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI /cgi-bin/diagnostics component responsible for emailing out information about the...

CVSS 10 | AI score 8.2 | EPSS 0.24523
Exploits: 5 | References: 4 | Affected Software: 1

Cvelist
added 2017/02/22 5:0 a.m. | 20 views

CVE-2016-9682

The SonicWall Secure Remote Access server version 8.1.0.2-14sv is vulnerable to two Remote Command Injection vulnerabilities in its web administrative interface. These vulnerabilities occur in the diagnostics CGI /cgi-bin/diagnostics component responsible for emailing out information about the...

AI score 10 | EPSS 0.24523
Exploits: 5 | References: 4

myhack58
added 2015/03/25 12:0 a.m. | 11 views

Operators issued a large number of routers containing high-risk vulnerabilities; most of the "problem router" IPs are in China - vulnerability warning - the black bar safety net

According to statistics, operators worldwide have issued at least 7 0 million ADSL routers to the general public of Internet users, but unfortunately these routers contain high-risk vulnerabilities and are thus likely to lead to large-scale router attacks. It is worth mentioning that most of...

AI score 1.6
Exploits: 0

Tenable Nessus
added 2015/02/25 12:0 a.m. | 45 views

PHP 5.4.x < 5.4.37 / 5.5.x < 5.5.21 / 5.6.x < 5.6.5 Multiple Vulnerabilities

CVSS 7.5 | AI score 8.1 | EPSS 0.87334
Exploits: 7 | References: 9

Tenable Nessus
added 2015/02/18 12:0 a.m. | 56 views

Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2501-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2501-1 advisory. Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a...

CVSS 7.5 | AI score 7.6 | EPSS 0.8832
Exploits: 14 | References: 8

OSV
added 2015/01/27 9:8 p.m. | 22 views

MGASA-2015-0040 Updated php packages fix security vulnerabilities

Updated php and libgd packages fix security vulnerabilities: Double free vulnerability in the zend_ts_hash_graceful_destroy function in zend_ts_hash.c in the Zend Engine in PHP before 5.5.21 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vecto...

CVSS 7.5 | AI score 8.9 | EPSS 0.87334
Exploits: 7 | References: 3

ThreatPost
added 2015/01/23 11:2 a.m. | 43 views

PHP 5.6.5 Released With Several Security Fixes

Several new versions of PHP have been released, fixing a number of security vulnerabilities and other bugs in the popular scripting language. PHP 5.6.5 is the newest version of the language, and it has patches for a handful of vulnerabilities, including a use-after-free flaw that could lead to...

CVSS 7.5 | AI score 0.8 | EPSS 0.02997
Exploits: 1 | References: 3

OpenVAS
added 2015/01/07 12:0 a.m. | 44 views

PHP Out of Bounds Read Vulnerability (Jan 2015)

PHP is prone to an out of bounds read vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if(description)...

CVSS 7.5 | AI score 7.4 | EPSS 0.02997
Exploits: 1 | References: 2

Prion
added 2015/01/03 2:59 a.m. | 36 views

Out-of-bounds

sapi/cgi/cgi_main.c in the CGI component in PHP through 5.4.36, 5.5.x through 5.5.20, and 5.6.x through 5.6.4, when mmap is used to read a .php file, does not properly consider the mapping's length during processing of an invalid file that begins with a # character and lacks a newline character, whi...

CVSS 7.5 | AI score 7.3 | EPSS 0.02997
Exploits: 1 | References: 18 | Affected Software: 1

NVD
added 2014/07/20 11:12 a.m. | 18 views

CVE-2014-1987

The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors...

CVSS 10 | AI score 7.6 | EPSS 0.04395
Exploits: 0 | References: 3

Prion
added 2014/07/20 11:12 a.m. | 18 views

Design/Logic Flaw

The CGI component in Cybozu Garoon 3.1.0 through 3.7 SP3 allows remote attackers to execute arbitrary commands via unspecified vectors...

CVSS 10 | AI score 8.1 | EPSS 0.04395
Exploits: 0 | References: 3 | Affected Software: 1

securityvulns
added 2006/03/21 12:0 a.m. | 37 views

Verisign multiple digital certificates managing products cross-site scripting

Cross-site scripting with haydn.exe CGI component...

AI score 1.7
Exploits: 0 | References: 1 | Affected Software: 1

securityvulns
added 2000/08/12 12:0 a.m. | 19 views

Buffer overflow in Statistics Server

A buffer overflow in one of the CGI components allows code execution with the server's privileges...

AI score 0.7
Exploits: 0 | References: 1 | Affected Software: 1

Tenable Nessus
added 1999/08/19 12:0 a.m. | 49 views

Glimpse HTTP aglimpse Arbitrary Command Execution

The remote web server is running GlimpseHTTP. The installed version suffers from a remote command execution vulnerability in the 'aglimpse' component. Note that we could not actually check for the presence of this vulnerability, and only checked for the existence of the 'aglimpse' CGI...

CVSS 7.5 | AI score 5.7 | EPSS 0.04477
Exploits: 0 | References: 1