Teledyne FLIR AX8 跨站脚本漏洞

Teledyne FLIR AX8 is a series of thermal surveillance cameras from Teledyne FLIR USA. A cross-site scripting vulnerability exists in Teledyne FLIR AX8 version 1.46.16 and earlier, which stems from a cross-site scripting attack due to the incorrect operation of the parameter cmd in the file...

CVE-2023-41453

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component...

CVE-2022-30909

H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

D-Link DI-8200 安全漏洞

The D-Link DI-8200 is an enterprise router from China-based AUO D-Link. The D-Link DI-8200 suffers from a command injection vulnerability that stems from a remote command execution vulnerability in the flag parameter and cmd parameter of the mspinfohtm function. No details of the vulnerability ar...

CVE-2024-52739

D-LINK DI-8400 v16.07.26A1 was discovered to contain multiple remote command execution RCE vulnerabilities in the mspinfohtm function via the flag and cmd parameters...

CVE-2024-51151

CVE-2024-51151 affects the D-Link DI-8200 with firmware 16.07.26A1. The vulnerability is a remote command execution in the msp_info_htm function, exploitable via the flag parameter and the cmd parameter. The connected documents consistently describe this issue as a command injection/remotely expl...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

CVE-2024-51151

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the mspinfohtm function via the flag parameter and cmd parameter...

VulnCheck KEV: CVE-2023-4542

A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The...

Alien ALR-F800 授权问题漏洞

The Alien ALR-F800 is an RFID sensor from Alien. An authorization issue vulnerability exists in Alien ALR-F800 version 19.10.24.00 and prior versions, which stems from the cmd parameter in the /var/www/cmd.php file containing an improper authorization vulnerability...

The vulnerability of the msp_info_htm() function in the msp_info.htm file of the D-Link DI-8100 router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the mspinfohtm function in the mspinfo.htm file of the D-Link DI-8100 router’s microprogramming system is related to the lack of data cleaning at the control level when processing the cmd parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

CVE-2024-29269

An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter...

CVE-2022-39818

In NOKIA NFM-T R19.9, an OS Command Injection vulnerability occurs in /cgi-bin/R19.9/log.pl of the VM Manager WebUI via the cmd HTTP GET parameter. This allows authenticated users to execute commands, with root privileges, on the operating system...

CVE-2023-41453

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component...

CVE-2023-41453

Cross Site Scripting vulnerability in phpkobo AjaxNewTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the index.php component...

PT-2023-27957 · Unknown · Phpkobo Ajaxnewticker

Name of the Vulnerable Software and Affected Versions: phpkobo AjaxNewTicker version 1.0.5 Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the cmd parameter in the "index.php" component. This enables the attacker to perform Cross Site Scripting...

CVE-2023-29915

H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm...

CVE-2023-29915

H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm...

Stack overflow

H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm...