40 matches found
CVE-2026-7156
A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The exploit is now...
CVE-2023-43487
Improper access control in some IntelR CST before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2023-40155
Uncontrolled search path for some IntelR CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalation of privilege via local access...
EUVD-2023-45602
Malicious code in bioql PyPI...
EUVD-2023-44762
Malicious code in bioql PyPI...
EUVD-2023-47902
Malicious code in bioql PyPI...
CVE-2024-29076
Uncaught exception for some IntelR CST software before version 8.7.10803 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2023-41082
Null pointer dereference for some IntelR CST software before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2023-39433
Improper access control for some IntelR CST software before version 2.1.10300 may allow an authenticated user to potentially enable escalation of privilege via local access...
PT-2025-17889 · WordPress · Ajax Comment Form Cst
Name of the Vulnerable Software and Affected Versions: Ajax Comment Form CST plugin for WordPress versions up to, and including, 1.2 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation via the 'acform cst settings' page. This allows...
WordPress plugin Ajax Comment Form CST 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
CVE-2024-29076
Uncaught exception for some IntelR CST software before version 8.7.10803 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2024-29076
CVE-2024-29076 affects Intel CST software prior to version 8.7.10803. The issue is an uncaught exception that may allow an authenticated user to cause a denial of service via local access. Impact is described with CVSS 3.1 base score 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) and CVSS 4.0 base sco...
CVE-2024-29076
Uncaught exception for some IntelR CST software before version 8.7.10803 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2024-29076
Uncaught exception for some IntelR CST software before version 8.7.10803 may allow an authenticated user to potentially enable denial of service via local access...
Malicious code in test-module-cst (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6106 Malicious code in test-module-cst (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in cst-web-chat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f29459986483506a5bda069545676e4bfc990a37afd3dc286ba0e882cc4c8442 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1382 Malicious code in cst-web-chat (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f29459986483506a5bda069545676e4bfc990a37afd3dc286ba0e882cc4c8442 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-43487
Improper access control in some IntelR CST before version 2.1.10300 may allow an authenticated user to potentially enable denial of service via local access...