Lucene search
+L

84 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:27 p.m.8 views

CVE-2018-12492

PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfilef function in framework/admin/tplcontrol.php...

7.5CVSS7.1AI score0.00926EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:24 p.m.30 views

CVE-2018-12491

PHPOK 4.9.032 has an arbitrary file upload vulnerability in the importf function in framework/admin/moduleccontrol.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944...

9.8CVSS7AI score0.01656EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.7 views

PT-2025-54436

A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...

5.8CVSS7.1AI score0.00404EPSS
Exploits1References5
Zero Day Initiative
Zero Day Initiative
added 2025/12/19 12:0 a.m.8 views

AzeoTech DAQFactory CTL File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.3AI score0.0031EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/12/19 12:0 a.m.5 views

AzeoTech DAQFactory CTL File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.3AI score0.00324EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/12/19 12:0 a.m.4 views

AzeoTech DAQFactory CTL File Parsing Memory Corruption Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7.3AI score0.0031EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/12/17 12:0 a.m.8 views

AzeoTech DAQFactory CTL File Parsing Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS7AI score0.00187EPSS
Exploits0References1
CNVD
CNVD
added 2025/12/15 12:0 a.m.5 views

AzeoTech DAQFactory Use After Release Vulnerability

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a release-after-use vulnerability that originates from a release-after-reuse vulnerability in the parsing of a specially craft...

7.3CVSS7.3AI score0.00201EPSS
Exploits0References1
CVE
CVE
added 2025/12/11 8:54 p.m.17 views

CVE-2025-66586

Summary: CVE-2025-66586 affects AzeoTech DAQFactory 20.7 (Build 2555). The CTL file parsing code has a type-confusion vulnerability that can lead to memory corruption and remote code execution in the context of the current process. The ZDI advisories (ZDI-25-1132, -1131, -1133, -1134) describe th...

7.8CVSS7.3AI score0.00187EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2025/12/11 12:0 a.m.6 views

编号撤回

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a stack buffer overflow vulnerability that originates from a stack buffer overflow when parsing a specially crafted .ctl file,...

7.6AI score0.00022EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.6 views

Siemens RUGGEDCOM APE1808, SIMATIC S7-1500 External Control of File Name or Path (CVE-2023-38546)

This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates easy handles that are the individual handles for single transfers. libcurl provides a function...

9.8CVSS7.3AI score0.83428EPSS
Exploits20References8
OSV
OSV
added 2025/10/13 9:27 p.m.10 views

CVE-2025-62361 WeGIA Open Redirect Vulnerability in `control.php` endpoint `nextPage` parameter (metodo=listarTodos nomeClasse=AlmoxarifeControle)

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.0, an Open Redirect vulnerability was identified in the control.php endpoint of the WeGIA application, specifically in the nextPage parameter metodo=listarTodos...

4.8CVSS6.8AI score0.00208EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/10/13 12:0 a.m.26 views

PT-2025-41822

Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.5.0 Description WeGIA is a Web Manager for Institutions focused on Portuguese language users. A flaw exists that allows redirection to arbitrary external domains via the nextPage parameter in the ''control.php''...

4.8CVSS6.6AI score0.00208EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-27088

Malware in sbrugna...

7.5CVSS7.5AI score0.01227EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-6347

Malware in sbrugna...

9CVSS8.6AI score0.05931EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-0803

Malware in sbrugna...

5CVSS6.1AI score0.01448EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-20616

Malicious code in bioql PyPI...

3.5CVSS7.7AI score0.01256EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-14523

Malicious code in bioql PyPI...

9.1CVSS6.3AI score0.10286EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-37676

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00699EPSS
Exploits0References1
CVE
CVE
added 2025/10/02 8:25 p.m.16 views

CVE-2025-61606

WeGIA is affected: open redirect in the control.php endpoint via the nextPage parameter (metodo=listarUmnomeClasse=FuncionarioControle) for versions 3.4.12 and below. This could redirect users to arbitrary external domains, enabling phishing or credential theft as described in the CVE entries. Th...

6.1CVSS6.4AI score0.00208EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder