CVE-2018-25357 Dolibarr ERP CRM 7.0.3 Remote Code Execution via install/step1.php
Dolibarr ERP CRM 7.0.3 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP code through the dbname parameter. Attackers can send a POST request to install/step1.php with malicious PHP code in the dbname parameter, then...
Code-Projects Simple Attendance Record System SQL injection vulnerability
Simple Attendance Record System is a simple attendance record system. Simple Attendance Record System suffers from a SQL injection vulnerability that originates from an unknown function in the /check.php file that mishandles the student parameter. An attacker can use this vulnerability to obtain ...
kernel: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory
A use-after-free memory bug exists in the Linux kernel, such that unpoison_memory() tries to check the PG_HWPoison flags of an uninitialized page. So VM_BUG_ON_PAGE(PagePoisoned(page)) is triggered, leading to damage to the system availability and integrity...
WAVLINK AERIAL X 1200M information disclosure vulnerability
WAVLINK AERIAL X 1200M, a WiFi extender from WAVLINK China, is vulnerable to an information disclosure vulnerability in version M79X3.V5030.180719, which stems from improper authorization management on the livecheck.shtml page, and could be exploited by an attacker to The vulnerability is caused ...
PT-2022-20681 · Wavlink · Wavlink Aerial X 1200M
Name of the Vulnerable Software and Affected Versions: WAVLINK AERIAL X 1200M version M79X3.V5030.180719. Description: A vulnerability in livecheck.shtml allows attackers to obtain sensitive router information via execution of the exec cmd function. Recommendations: For version M79X3.V5030.180719...
UBUNTU-CVE-2019-10871
An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc...
imcat information disclosure vulnerability (CNVD-2019-00970)
imcat is a PHP-based open source website building system. A security vulnerability exists in imcat version 4.4. Remote attackers can use the root/tools/adbug/check.php URI to obtain sensitive configuration information...
intana.de XSS vulnerability
Open Bug Bounty ID: OBB-662787. Affected Website: intana.de; Vulnerable Application: Custom Code; Vulnerability Type: XSS (Cross Site Scripting) / CWE-79; CVSSv3 Score: 6.1...
CVE-2015-4420
Multiple cross-site scripting (XSS) vulnerabilities in Opsview 4.6.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) a crafted check plugin, (2) the description in a host profile, or (3) the plugin_args parameter to a Test service check page...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in Opsview 4.6.2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) a crafted check plugin, (2) the description in a host profile, or (3) the plugin_args parameter to a Test service check page...
CVE-2015-4420
Opsview CVE-2015-4420 affects Opsview 4.6.2 and earlier, with multiple XSS flaws exploitable via (1) crafted check plugins, (2) description text in a host profile, or (3) the plugin_args parameter on a Test service check page. The issue enables remote injection of arbitrary script/HTML and is doc...
Opsview <= 4.6.2 - Multiple XSS Vulnerabilities
Exploit for php platform in category web applications. Exploit title: Opsview 4.6.2 - Multiple XSS; Date: 07-06-2015; Vendor homepage: www.opsview.com; Version: 4.6.2; CVE: CVE-2015-4420; Author: Dolev Farhi @dolevf; Tested On: Kali Linux + Windows 7; Details: Opsview is a monitoring system base...
security flaw
The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in ext2_check_page due to a length that is smaller than the minimum...