Subscribe to Category <= 2.7.4 - SQL Injection

The Subscribe to Category contains a sqlinjection caused by improper neutralization of special elements used in an SQL command, letting attackers execute arbitrary SQL commands, exploit requires user interaction. id: CVE-2023-32590 info: name: Subscribe to Category = 2.7.4 - SQL Injection author:...

WhatsUp Gold GetStatisticalMonitorList SQL Injection - Authentication Bypass

In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users encrypted password. id: CVE-2024-6671 info: name: WhatsUp Gold GetStatisticalMonitorList SQL Injectio...

Melis Technology Melis Platform - Unrestricted File Upload & Remote Code Execution

Melis Technology Melis Platform contains an unrestricted file upload caused by insufficient validation of 'mcsdetailimg' parameter in /melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm, letting attackers upload malicious files and achieve remote code execution, exploit requires crafted...

n8n Webhooks - Remote Code Execution

n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker,...

Code-Projects School Fees Payment System 1.0 - SQL Injection

A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

LG Supersign EZ CMS - Remote Code Execution

LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsrserver/device/getThumbnail. id: CVE-2018-17173 info: name: LG Supersign EZ CMS - Remote Code Execution author: pussycat0x severity: critical description: | LG SuperSign CMS allows remote attackers...

Langflow AI <= 1.6.9 - CORS Misconfiguration

Langflow AI versions 1.6.9 and earlier are vulnerable to a CORS misconfiguration that allows any origin to make credentialed requests. Combined with SameSite=None cookies, this enables cross-origin token theft and subsequent remote code execution via the /api/v1/validate/code endpoint. id:...

WordPress Stacks Mobile App Builder <=5.2.3 - Authentication Bypass

Stacks Mobile App Builder WordPress plugin ≤ 5.2.3 suffers from an authentication bypass vulnerability via improper handling of query parameters, allowing attackers to impersonate arbitrary users. id: CVE-2024-50477 info: name: WordPress Stacks Mobile App Builder =5.2.3 - Authentication Bypass...

Roundcube Webmail - Cross-Site Scripting

A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in messagebody in program/actions/mail/show.php. id: CVE-2024-42009 info: name:...

kkFileView 4.0 - Server-Side Request Forgery

kkFileView 4.0 contains a server-side request forgery caused by improper validation in OnlinePreviewController.java, letting attackers induce the server to make arbitrary requests, exploit requires sending crafted requests. id: CVE-2022-42149 info: name: kkFileView 4.0 - Server-Side Request Forge...

FatPipe WARP/IPVPN/MPVPN - Backdoor Account

FatPipe WARP, IPVPN, and MPVPN software prior to versions 10.1.2r60p91 and 10.2.2r42 contain an account named "cmuser" with administrative privileges and no password, letting attackers gain unauthorized admin access, exploit requires no authentication. id: CVE-2021-27856 info: name: FatPipe...

ThemeGrill Demo Importer < 1.6.2 - Database Reset

ThemeGrill Demo Importer before 1.6.2 does not require authentication for wiping the database due to a resetwizardactions hook. In versions 1.3.4 and above and versions 1.6.1 and below, there is a vulnerability that allows any unauthenticated user to wipe the entire database to its default state...

RevPi Webstatus <= v2.4.5 - Authentication Bypass

An unauthorized remote attacker can bypass the authentication of the affected software package by misusing an incorrect type conversion. This leads to full compromise of the device id: CVE-2025-41646 info: name: RevPi Webstatus = v2.4.5 - Authentication Bypass author: DhiyaneshDK severity: critic...

Jan v0.4.12 - Arbitrary File Upload

An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted file. id: CVE-2024-36858 info: name: Jan v0.4.12 - Arbitrary File Upload author: pussycat0x severity: critical description: | An arbitrar...

WordPress ShowBiz Pro <= 1.7.1 - Authenticated Arbitrary File Upload to RCE

The WordPress ShowBiz Pro plugin version = 1.7.1 allows arbitrary PHP file upload via the admin-ajax.php endpoint.This leads to unauthenticated remote code execution. id: CVE-2015-9499 info: name: WordPress ShowBiz Pro = 1.7.1 - Authenticated Arbitrary File Upload to RCE author:...

WPGraphQL 0.2.3 - User Creation

The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to register a new user with admin privileges, whenever new user registrations are allowed. This is related to the registerUser mutation. id: CVE-2019-9879 info: name: WPGraphQL 0.2.3 - User Creation author: DhiyaneshDk severity:...

Jordy Meow AI Engine - Unrestricted File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine- ChatGPT Chatbot.This issue affects AI Engine- ChatGPT Chatbot- from n/a through 1.9.98. id: CVE-2023-51409 info: name: Jordy Meow AI Engine - Unrestricted File Upload author: pussycat0x severity: critical...

Roxy-WI - Remote Code Execution

Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the delcert parameter without proper input validation in the /app/options.py file, allowing attackers to inject arbitrary OS commands. id: CVE-2022-31161 info: name: Roxy-WI - Remote Code...

YouPHPTube Encoder - Arbitrary File Write

Exploitable unauthenticated command injections exist in YouPHPTube Encoder 2.3 a plugin for providing encoder functionality in YouPHPTube.The parameter base64Url in /objects/getImageMP4.php is vulnerable to a command injection attack. id: CVE-2019-5128 info: name: YouPHPTube Encoder - Arbitrary...

UniFi OS Server - Command Injection

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection. id: CVE-2026-34910 info: name: UniFi OS Server - Command Injection author: Kazgangap severity: critical description: | A malicious actor...