PT-2024-13201 · Cobham · Cobham Sailor Vsat Ku

Name of the Vulnerable Software and Affected Versions: Cobham SAILOR VSAT Ku version 164B019 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the c set traps decode function in the acu web file. This is a Cross Site Scripting XSS issue...

CVE-2023-44856

Cross Site Scripting XSS vulnerability in Cobham SAILOR VSAT Ku v.164B019, allows a remote attacker to execute arbitrary code via a crafted script to the rstat, sender, and recipients' parameters of the sub21D24 function in the acuweb file...

CVE-2023-44855

Cross Site Scripting XSS vulnerability in Cobham SAILOR VSAT Ku v.164B019 allows a remote attacker to execute arbitrary code via a crafted script to the rdiag, sender, and recipients parameters of the sub219C4 function in the acuweb file...

CVE-2023-44852

The CVE-2023-44852 issue affects Cobham SAILOR VSAT Ku (version 164B019). The vulnerability is a Cross Site Scripting (XSS) flaw in the acu_web file, exploitable by remotely crafted scripts via the c_set_traps_decode function, enabling arbitrary code execution. The CVSS 3.1 vector indicates netwo...

CVE-2024-26574

Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe...

CVE-2024-26574

Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe...

CVE-2024-26574

Wondershare Filmora 13.0.51 is affected by CVE-2024-26574 due to insecure permissions in WSNativePushService.exe. The vulnerability allows a local attacker with low privileges and no user interaction to execute arbitrary code via a crafted script, per multiple sources (NVD/Red Hat/etc.). The issu...

CVE-2024-26574

Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe...

PT-2024-21426 · Wondershare · Wondershare Filmora

Name of the Vulnerable Software and Affected Versions: Wondershare Filmora version 13.0.51 Description: The issue allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe. This can be exploited by a local attacker. Recommendations: For Wondershare...

CVE-2024-25503

Cross Site Scripting XSS vulnerability in Advanced REST Client v.17.0.9 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function...

CVE-2024-25503

Cross Site Scripting XSS vulnerability in Advanced REST Client v.17.0.9 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function...

CVE-2024-25503

CVE-2024-25503 affects Advanced REST Client v17.0.9 and is an XSS in the edit details field of the New Project function. The vulnerability could allow a remote attacker to execute arbitrary code and exfiltrate information. Public PoCs exist (e.g., a GitHub PoC repository), and Red Hat/NVD entries...

CVE-2024-25503

Cross Site Scripting XSS vulnerability in Advanced REST Client v.17.0.9 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script to the edit details parameter of the New Project function...

GHSA-HWVW-GH23-QPVQ CA17 TeamsACS Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in CA17 TeamsACS v.1.0.1 allows a remote attacker to execute arbitrary code via a crafted script to the errmsg parameter...

CA17 TeamsACS Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in CA17 TeamsACS v.1.0.1 allows a remote attacker to execute arbitrary code via a crafted script to the errmsg parameter...

CVE-2024-22780

Cross Site Scripting vulnerability in CA17 TeamsACS v.1.0.1 allows a remote attacker to execute arbitrary code via a crafted script to the errmsg parameter...

CVE-2024-22780

Cross Site Scripting vulnerability in CA17 TeamsACS v.1.0.1 allows a remote attacker to execute arbitrary code via a crafted script to the errmsg parameter...

TeamsACS 安全漏洞

TeamsACS is an 189CSP open source TR069 Automated Configuration Server ACS designed specifically for Mikrotik devices. Designed to help administrators remotely manage and configure Mikrotik units via the TR069 protocol. A security vulnerability exists in TeamsACS version v.1.0.1, which stems from...

CVE-2024-29644

CVE-2024-29644 concerns a Cross Site Scripting vulnerability in dcat-admin v2.1.3 and earlier. The issue allows a remote attacker to execute arbitrary code by injecting a crafted script into the user login box. Documents consistently describe this as a client-side script injection affecting the l...

Dcat Admin 安全漏洞

Dcat Admin is a backend system builder based on the secondary development of laravel-admin by Jiang Qinghua's personal developer. A security vulnerability exists in Dcat Admin v.2.1.3 and earlier versions. The vulnerability can be exploited by remote attackers to execute arbitrary code in the use...