EUVD-2021-26482

Malware in sbrugna...

Some-PoC-oR-ExP

This repository is an offensive tool for collecting or writing various vulnerability POCs and exploits. The primary vulnerability targeted by the provided code is CNVD-2020-10487, a Tomcat-Ajp LFI Local File Inclusion vulnerability. The tool is designed to exploit this vulnerability to gain...

Some-PoC-oR-ExP

This repository is an offensive tool for collecting or writing various vulnerability PoCs proofs of concept and exploits. The primary vulnerability targeted by the code is CNVD-2020-10487, a Tomcat-Ajp local file inclusion LFI vulnerability. The tool is designed to exploit this vulnerability to...

CVE-2021-3617

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command injection by setting a specially crafted network configuration. This vulnerability is the same as CNVD-2020-68652...

CVE-2021-3617

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command injection by setting a specially crafted network configuration. This vulnerability is the same as CNVD-2020-68652...

Design/Logic Flaw

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651...

CVE-2021-3616

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow an unauthorized user to view device information, alter firmware content and device configuration. This vulnerability is the same as CNVD-2020-68651...

Command injection

A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command injection by setting a specially crafted network configuration. This vulnerability is the same as CNVD-2020-68652...

CVE-2021-3617

CVE-2021-3617 affects Lenovo Smart Camera X3, X5 and C2E. The connected documents describe a command-injection vulnerability triggered by setting a specially crafted network configuration, with roots traced to CNVD-2020-68652. The available sources reiterate the affected devices and the general i...

CVE-2021-3134

Mubu 2.2.1 allows local users to gain privileges to execute commands, aka CNVD-2020-68878...

Design/Logic Flaw

Mubu 2.2.1 allows local users to gain privileges to execute commands, aka CNVD-2020-68878...

CVE-2021-3134

Mubu 2.2.1 allows local users to gain privileges to execute commands, aka CNVD-2020-68878...

CVE-2021-3134

CVE-2021-3134 affects Mubu 2.2.1. The vulnerability is a local privilege escalation: a local attacker can gain privileges to execute system commands. Root cause cited in connected records is an authorization issue stemming from failure to strictly limit user privileges (CNVD-2020-68878). The rela...

Joomla! cross-site request forgery vulnerability (CNVD-2020-75071)

Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A cross-site request forgery vulnerability exists in Joomla! 2.5.0 - 3.9.22. The...

MediaWiki cross-site scripting vulnerability (CNVD-2020-74054)

MediaWiki is a set of free and freely available web-based Wiki engines from the MediaWiki Wikimedia Foundation in the United States. It can be used to deploy in-house knowledge management and content management systems. MediaWiki before 1.35.1 suffers from a cross-site scripting vulnerability tha...

Odoo Cross-Site Scripting Vulnerability (CNVD-2020-74057)

Odoo is an Enterprise Resource Planning ERP and Customer Relationship Management CRM system from Odoo Belgium. The system is developed in Python language, PostgreSQL as the database, and includes modules for sales management, inventory management, financial management and so on. A cross-site...

OpenJPEG Buffer Overflow Vulnerability (CNVD-2020-73760)

OpenJPEG is a C-based open source JPEG2000 codec . OpenJPEG suffers from a buffer overflow vulnerability that can be exploited by an attacker to trigger a buffer overflow via opjpinextrlcp to trigger a denial of service and potentially run code...

IBM MQ Denial of Service Vulnerability (CNVD-2020-73763)

IBM MQ formerly IBM WebSphere MQ is a powerful, secure and reliable messaging middleware. A security vulnerability exists in IBM MQ, which can be exploited by an attacker to trigger a denial of service via a fatal error that can be triggered by application processing connected to IBM MQ...

zzcms cross-site scripting vulnerability (CNVD-2020-73162)

ZZCMS is the content management system of Webmaster Merchants. A cross-site scripting vulnerability exists in the user login page of zzcms 2019. An attacker can exploit this vulnerability by injecting js code via user/login.php via the referer header...

IBM Security Key Lifecycle Manager Cross-Site Scripting Vulnerability (CNVD-2020-73011)

IBM Security Key Lifecycle Manager formerly known as Tivoli Key Lifecycle Manager is a set of key lifecycle management software from IBM in the United States. The software provides key storage, key maintenance and key lifecycle management for storage devices. A cross-site scripting vulnerability...