84 matches found
CVE-2018-12492
PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfilef function in framework/admin/tplcontrol.php...
CVE-2018-12491
PHPOK 4.9.032 has an arbitrary file upload vulnerability in the importf function in framework/admin/moduleccontrol.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944...
PT-2025-54436
A vulnerability was detected in iCMS up to 8.0.0. Affected is the function Save of the file app/config/ConfigAdmincp.php of the component POST Parameter Handler. The manipulation of the argument config results in code injection. The attack can be launched remotely. The exploit is now public and m...
AzeoTech DAQFactory CTL File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
AzeoTech DAQFactory CTL File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
AzeoTech DAQFactory CTL File Parsing Memory Corruption Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
AzeoTech DAQFactory CTL File Parsing Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of AzeoTech DAQFactory. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...
AzeoTech DAQFactory Use After Release Vulnerability
AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a release-after-use vulnerability that originates from a release-after-reuse vulnerability in the parsing of a specially craft...
CVE-2025-66586
Summary: CVE-2025-66586 affects AzeoTech DAQFactory 20.7 (Build 2555). The CTL file parsing code has a type-confusion vulnerability that can lead to memory corruption and remote code execution in the context of the current process. The ZDI advisories (ZDI-25-1132, -1131, -1133, -1134) describe th...
编号撤回
AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from a stack buffer overflow vulnerability that originates from a stack buffer overflow when parsing a specially crafted .ctl file,...
Siemens RUGGEDCOM APE1808, SIMATIC S7-1500 External Control of File Name or Path (CVE-2023-38546)
This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates easy handles that are the individual handles for single transfers. libcurl provides a function...
CVE-2025-62361 WeGIA Open Redirect Vulnerability in `control.php` endpoint `nextPage` parameter (metodo=listarTodos nomeClasse=AlmoxarifeControle)
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.0, an Open Redirect vulnerability was identified in the control.php endpoint of the WeGIA application, specifically in the nextPage parameter metodo=listarTodos...
PT-2025-41822
Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.5.0 Description WeGIA is a Web Manager for Institutions focused on Portuguese language users. A flaw exists that allows redirection to arbitrary external domains via the nextPage parameter in the ''control.php''...
EUVD-2021-27088
Malware in sbrugna...
EUVD-2016-6347
Malware in sbrugna...
EUVD-2014-0803
Malware in sbrugna...
EUVD-2025-20616
Malicious code in bioql PyPI...
EUVD-2025-14523
Malicious code in bioql PyPI...
EUVD-2023-37676
Malicious code in bioql PyPI...
CVE-2025-61606
WeGIA is affected: open redirect in the control.php endpoint via the nextPage parameter (metodo=listarUmnomeClasse=FuncionarioControle) for versions 3.4.12 and below. This could redirect users to arbitrary external domains, enabling phishing or credential theft as described in the CVE entries. Th...