PT-2022-26191 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 23.0.10 Nextcloud Server versions prior to 24.0.5 Description: The issue arises from the lack of validation of calendar name lengths before they are written to a database. This allows an attacker to send...

Zulip Server eval injection vulnerability

Zulip is a powerful open source group chat application that combines the immediacy of live chat with the productivity benefits of threaded conversations.Zulip Server is the Zulip server. Zulip Server suffers from an eval injection vulnerability. An attacker who can write directly to the postgres...

Code Execution Vulnerability in QYKCMS Version 4.3.2

QYKCMS is a lightweight intelligent website building system based on PHP+MySql developed by QYK. QYKCMS 4.3.2 version of the code execution vulnerability, the vulnerability stems from the modification of the configuration of the incoming parameters are not filtered, allowing attackers to exploit...

Debian DSA-3937-1 : zabbix - security update

Lilith Wyatt discovered two vulnerabilities in the Zabbix network monitoring system which may result in execution of arbitrary code or database writes by malicious proxies. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

Remote Code Execution and Database Write Vulnerabilities in Zabbix

zabbix is a WEB-based interface to provide distributed system monitoring and network monitoring capabilities of enterprise-class open source solutions . A remote code execution vulnerability exists in the trapper command feature in Zabbix version 2.4.x. A specific packet can cause a command...

Zabbix multiple high-risk vulnerabilities-vulnerability warning-the black bar safety net

About Zabbix zabbix is a WEB-based interface to provide distributed system monitoring and network monitoring capabilities of enterprise-class open source solutions. zabbix to monitor various network parameters, ensure that the server system of the security operations;and to provide flexible...

CVE-2011-4047

The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...

CVE-2011-4047

CVE-2011-4047 affects the Dell KACE K2000 System Deployment Appliance. The issue allows remote attackers to execute arbitrary commands by exploiting write access to the appliance’s database, enabling command execution on the target system. The vulnerability is tied to remote database access and i...

CVE-2011-4047

The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...

CVE-2007-0850

scripts/cronscript.php in SysCP 1.2.15 and earlier includes and executes arbitrary PHP scripts that are referenced by the panelcronscript table in the SysCP database, which allows attackers with database write privileges to execute arbitrary code by constructing a PHP file and adding its filename...