18 matches found
CVE-2020-10053
A vulnerability has been identified in SIMATIC RTLS Locating Manager All versions V2.12. The affected application writes sensitive data, such as database credentials in configuration files. A local attacker with access to the configuration files could use this information to launch further attack...
EUVD-2014-3474
Malware in sbrugna...
EUVD-2024-27573
Malicious code in bioql PyPI...
EUVD-2023-32818
Malicious code in bioql PyPI...
CVE-2023-0960
A vulnerability was found in SeaCMS 11.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/config.ftp.php of the component Picture Management. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been...
CVE-2019-16638
An issue was found on the Ruijie EG-2000 series gateway. An attacker can easily dump cleartext stored passwords in /data/config.text with simple XORs. This affects EG-2000SE EGRGOS 11.11B1...
GHSA-GGMR-44CV-24PM Code injection via unsafe YAML loading
Impact Sockeye uses YAML to store model and data configurations on disk. Versions below 2.3.24 use unsafe YAML loading, which can be made to execute arbitrary code embedded in config files. An attacker can add malicious code to the config file of a trained model and attempt to convince users to...
All Vulnerabilities for learning.southglos.gov.uk Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: learning.southglos.gov.uk Open...
djcotts.net Improper Access Control vulnerability OBB-1213467
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
revistanovafase.com.br Cross Site Scripting vulnerability OBB-1176981
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
igra-karty.ru Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1091225. Security Researcher Broly157 (helped patch 1605 vulnerabilities; received 7 Coordinated Disclosure badges; received 15 recommendations), a holder of 7 badges for responsible and coordinated disclosure, found a security vulnerability affecting igra-karty.ru website and...
berehyni.com Improper Access Control vulnerability OBB-1071579
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Apache Solr Remote Code Execution Vulnerability (CNVD-2019-26390)
Apache Solr is a full-text search server based on Lucene, from the Apache Software Foundation in the United States. The product supports level search, vertical search, highlighting of search results and so on. Apache Solr has a remote code execution vulnerability that can be...
CVE-2018-4841
A vulnerability has been identified in TIM 1531 IRC All versions V1.1. A remote attacker with network access to port 80/tcp or port 443/tcp could perform administrative operations on the device without prior authentication. Successful exploitation could allow to cause a denial-of-service, or read...
Multiple Vulnerabilities in SpiceWorks 7.5 TFTP
SpiceWorks is a suite of network device management and monitoring software for small and medium-sized businesses from Spiceworks, Inc. A remote file overwrite and upload vulnerability exists in SpiceWorks 7.5 TFTP. A remote attacker can gain unauthorized access to the Spiceworks data configuratio...
South Korea HOMPYNET CMS vulnerability-vulnerability warning-the black bar safety net
Upload vulnerability: http://www.xxx.com/admin/imageadmin3.php?boardid=&iname=&iform= http://www.xxx.com/admin/imageadmin2.php?boardid=&iname=&iform= Path after upload: http://www.xxx.com/biswebpage/images/shell.php.en Editor: http://www.xxx.com/admin/editor/SWE.php...
South Korea HOMPYNET CMS multiple vulnerabilities-vulnerability warning-the black bar safety net
Upload vulnerability URL: /admin/imageadmin3.php?boardid=&iname=&iform= /admin/imageadmin2.php?boardid=&iname=&iform= Path after upload: /biswebpage/images/t.php.en Editor: /admin/editor/SWE.php /program/editor/SWE.php Data configuration file path: /mconfig/DATA/gsetting.php This...
Vivotek Cameras Data Configuration Disclosure
Exploit Title: Vivotek Full Data Source CONFIG Date: 09/07/12 Author: Alejandro Leon Morales GothicX Author Mail: Gothicxatfreaknetworkdotin Author Web: www.undermx.blogspot.mx Software web: www.vivotek.com Vulnerable version: all Tested on: Microsoft Windows 7 / Vista / XP / MacOS Dork:...