23 matches found
CVE-2026-41236
Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key synchronization path used for customer FTP users. The provisioning code appends public keys to /.ssh/authorized_keys under a customer-controlled home directory without...
PT-2026-44907
Name of the Vulnerable Software and Affected Versions: Froxlor version 2.3.6 Description: A symlink-following flaw exists in the root-owned SSH key synchronization path used for customer FTP users. The provisioning code appends public keys to /.ssh/authorized_keys within a customer-controlled home...
PT-2026-42859
Summary createAlertRule and createService and their update siblings accept FailTriggerTasks uint64 and RecoverTriggerTasks uint64 — IDs of cron tasks to fire when the alert/service trips. The validation function only validates the alert's Rules.Ignore server map; it never checks that the cron tas...
CVE-2020-37153
ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin management interfaces. Attackers can exploit these flaws to inject system commands, hijack administrator sessions, and potentially execute arbitrary code with...
CVE-2020-37153 ASTPP VoIP 4.0.1 - Remote Code Execution
ASTPP 4.0.1 contains multiple vulnerabilities including cross-site scripting and command injection in SIP device configuration and plugin management interfaces. Attackers can exploit these flaws to inject system commands, hijack administrator sessions, and potentially execute arbitrary code with...
EUVD-2025-31434
Malicious code in bioql PyPI...
CVE-2025-11071
A security vulnerability has been detected in SeaCMS 13.3.20250820. Impacted is an unknown function of the file /admin_cron.php of the component Cron Task Management Module. The manipulation of the argument resourcefrom/collectID leads to sql injection. The attack can be initiated remotely. The...
CVE-2025-11071 SeaCMS Cron Task Management admin_cron.php sql injection
A security vulnerability has been detected in SeaCMS 13.3.20250820. Impacted is an unknown function of the file /admin_cron.php of the component Cron Task Management Module. The manipulation of the argument resourcefrom/collectID leads to sql injection. The attack can be initiated remotely. The...
CVE-2025-11071
SeaCMS 13.3.20250820 is affected by a SQL injection in the Cron Task Management module via /admin_cron.php, caused by manipulation of the resourcefrom/collectID parameter. The vulnerability can be triggered remotely and exploited after the public disclosure of the exploit. The provided documents ...
PT-2025-39736
Name of the Vulnerable Software and Affected Versions: SeaCMS version 13.3.20250820 Description: A security issue exists in SeaCMS 13.3.20250820 related to the Cron Task Management Module. The issue involves SQL injection triggered by manipulating the collectID argument within the /admin_cron.php...
UBUNTU-CVE-2023-38056
Improper Neutralization of commands allowed to be executed via OTRS System Configuration e.g. SchedulerCronTaskModule using UnitTests modules allows any authenticated attacker with admin privileges local execution of Code. This issue affects OTRS: from 7.0.X before 7.0.45, from 8.0.X before 8.0.35...
PT-2023-26267
Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.44 OTRS versions 8.0.X through 8.0.34 OTRS Community Edition versions 6.0.1 through 6.0.34 Description: The issue is related to improper neutralization of commands allowed to be executed via OTRS System...
[SECURITY] Fedora 20 Update: kdeadmin-4.14.1-1.fc20
The kdeadmin metapackage includes administrative tools including: kcron: systemsettings module for the cron task scheduler ksystemlog: system log viewer kuser: user manager...
[SECURITY] Fedora 15 Update: kdeadmin-4.6.2-2.fc15
The kdeadmin package includes administrative tools including: kcron: systemsettings module for the cron task scheduler ksystemlog: system log viewer kuser: user manager...
[SECURITY] Fedora 11 Update: kdeadmin-4.4.3-1.fc11.1
The kdeadmin package includes administrative tools including: kcron: systemsettings module for the cron task scheduler knetworkconf: systemsettings module for network settings ksystemlog: system log viewer kuser: user manager...
[SECURITY] Fedora 13 Update: kdeadmin-4.4.3-1.fc13.1
The kdeadmin package includes administrative tools including: kcron: systemsettings module for the cron task scheduler knetworkconf: systemsettings module for network settings ksystemlog: system log viewer kuser: user manager...
[SECURITY] Fedora 12 Update: kdeadmin-4.4.3-1.fc12.1
The kdeadmin package includes administrative tools including: kcron: systemsettings module for the cron task scheduler knetworkconf: systemsettings module for network settings ksystemlog: system log viewer kuser: user manager...