29 matches found

Nuclei
added 2 days ago, 6 views

KeySight RF - smsRestoreDatabaseZip UNC path to Remote Code Execution

The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify a UNC path for the database file i.e., \\sms,...

CVSS 9.8, AI score 7.3, EPSS 0.78409
Exploits: 0, References: 2
RedhatCVE
added 2026/03/01 1:43 a.m., 3 views

CVE-2026-28409

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access which can be obtained via the previously reported...

CVSS 10, AI score 6.3, EPSS 0.0122
Exploits: 1, References: 1
NVD
added 2026/02/27 10:16 p.m., 4 views

CVE-2026-28409

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access which can be obtained via the previously reported...

CVSS 10, EPSS 0.0122
Exploits: 1, References: 1
EUVD
added 2026/02/27 9:50 p.m., 2 views

EUVD-2026-9080

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access which can be obtained via the previously reported...

CVSS 10, AI score 6.3, EPSS 0.0122
Exploits: 1, References: 1
Vulnrichment
added 2026/02/27 9:50 p.m., 2 views

CVE-2026-28409 WeGIA Vulnerable to Remote Code Execution (RCE) via OS Command Injection

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access which can be obtained via the previously reported...

CVSS 10, AI score 6.3, EPSS 0.0122
Exploits: 1, References: 1
CVE
added 2026/02/27 9:50 p.m., 12 views

CVE-2026-28409

WeGIA (web manager for charitable institutions) prior to version 3.6.5 contains a critical Remote Code Execution (RCE) in the database restoration feature. An attacker with administrative access (obtainable via an authentication bypass) can upload a backup file with a specially crafted filename t...

CVSS 10, AI score 6.3, EPSS 0.0122
Exploits: 1, References: 1, Affected Software: 1
RedhatCVE
added 2026/01/09 10:57 a.m., 3 views

CVE-2022-38130

The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify a UNC path for the database file i.e., \\sms,...

CVSS 9.8, AI score 7.1, EPSS 0.78409
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2025-11495

Malicious code in bioql PyPI...

CVSS 9.8, AI score 6.3, EPSS 0.00868
Exploits: 2, References: 2
EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-1968

Malicious code in bioql PyPI...

CVSS 7.2, AI score 6.9, EPSS 0.00277
Exploits: 1, References: 5
RedhatCVE
added 2025/05/23 9:8 a.m., 4 views

CVE-2024-21519

This affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup file with an arbitrary filename including...

CVSS 7.2, AI score 7, EPSS 0.00277
Exploits: 1, References: 1
RedhatCVE
added 2025/05/23 12:15 a.m., 4 views

CVE-2022-46902

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the...

CVSS 7.5, AI score 7.5, EPSS 0.00108
Exploits: 0, References: 1
OSV
added 2025/04/16 9:15 p.m., 22 views

CVE-2024-55372

Wallos <=2.38.2 has a file upload vulnerability in the restore database function, which allows unauthenticated users to restore database by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an unauthenticated attacker to upload malicious fil...

CVSS 9.8, AI score 7.8, EPSS 0.00868
Exploits: 2, References: 1
OSV
added 2024/06/25 11:57 a.m., 15 views

BIT-OPENCART-2024-21519

This affects versions of the package opencart/opencart from 4.0.0-0. An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup file with an arbitrary filename including...

CVSS 7.2, AI score 6.8, EPSS 0.00277
Exploits: 1, References: 4
Veracode
added 2024/06/24 5:26 a.m., 18 views

Arbitrary File Creation

opencart/opencart is vulnerable to Arbitrary File Creation. The vulnerability is due to insufficient validation in the database restoration functionality, allowing an attacker with admin privileges to inject PHP code and create a backup file with an arbitrary filename and extension within...

CVSS 7.2, AI score 7, EPSS 0.00277
Exploits: 1, References: 3, Affected Software: 1
Github Security Blog
added 2024/06/22 6:30 a.m., 19 views

Arbitrary File Creation in opencart

This affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup file with an arbitrary filename including...

CVSS 7.2, AI score 7.2, EPSS 0.00277
Exploits: 1, References: 5, Affected Software: 1
OSV
added 2024/06/22 6:30 a.m., 15 views

GHSA-7Q3H-J95Q-3VJH Arbitrary File Creation in opencart

This affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup file with an arbitrary filename including...

CVSS 7.1, AI score 6.8, EPSS 0.00277
Exploits: 1, References: 5
NVD
added 2024/06/22 5:15 a.m., 15 views

CVE-2024-21519

This affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup file with an arbitrary filename including...

CVSS 7.2, EPSS 0.00277
Exploits: 1, References: 2
OSV
added 2024/06/22 5:15 a.m., 0 views

CVE-2024-21519

This affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup file with an arbitrary filename including...

CVSS 7.2, AI score 5.9
Exploits: 0, References: 2
CVE
added 2024/06/22 5:0 a.m., 50 views

CVE-2024-21519

OpenCart opencart/opencart (v4.0.0.0) is affected by an Arbitrary File Creation vulnerability exposed via the database restoration functionality. The root cause is PHP code injection into the database, allowing an attacker with admin privileges to create a backup file with an arbitrary filename (...

CVSS 7.2, AI score 6.7, EPSS 0.00277
Exploits: 1, References: 2, Affected Software: 1
NVD
added 2023/07/25 8:15 p.m., 9 views

CVE-2022-46902

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the...

CVSS 7.5, AI score 7.7, EPSS 0.00108
Exploits: 0, References: 2