730 matches found
CVE-2019-7484
Authenticated SQL Injection in SonicWall SMA100 allow user to gain read-only access to unauthorized resources using viewcacert CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier...
VulnCheck KEV: CVE-2019-16072
An OS command injection vulnerability in the discoverandmanage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ipaddress variable within an snmpbrowser action...
EulerOS 2.0 SP2 : pcre (EulerOS-SA-2019-2486)
According to the version of the pcre packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - pcregrep in PCRE before 8.38 mishandles the -q option for binary files, which might allow remote attackers to obtain sensitive information via a...
CVE-2016-1000110
The CGIHandler class in Python before 2.7.12 does not protect against the HTTPPROXY variable name clash in a CGI script, which could allow a remote attacker to redirect HTTP requests...
CVE-2013-1889
modruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot...
Design/Logic Flaw
modruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot...
CVE-2013-1889
modruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot...
UBUNTU-CVE-2013-1889
modruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot...
CVE-2013-1889
Removed by vendor...
CVE-2013-1889
modruid2 before 0.9.8 improperly handles file descriptors which allows remote attackers to bypass security using a CGI script to break out of the chroot...
CVE-2019-11527
An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter...
CVE-2019-15051
An issue was discovered in Softing uaGate SI, MB, 840D firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter...
Command injection
An issue was discovered in Softing uaGate SI, MB, 840D firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter...
Command injection
An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter...
CVE-2019-11527
An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter...
CVE-2019-11527
CVE-2019-11527 involves Softing uaGate SI 1.60.01, where a CGI script is vulnerable to command injection via a maliciously crafted URL parameter. The vulnerability is documented across multiple sources (NVD, Red Hat, CNVD, CVE lists). CVSSv3.1 vectors indicate an attack vector of NETWORK with low...
CVE-2019-13273
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter...
Buffer overflow
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter...
CVE-2019-13273
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter...
CVE-2019-13273
CVE-2019-13273 affects Xymon up to version 4.3.28, where the csvinfo CGI script contains a buffer overflow caused by a crafted GET request that triggers an sprintf on the srcdb parameter. This is a server-side vulnerability in the web interface (csvinfo.c) that can lead to memory corruption. The ...