9 matches found
EUVD-2017-7375
Malware in sbrugna...
CVE-2018-15138
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...
Sql injection
Adult Script Pro 2.2.4 allows SQL Injection via the PATHINFO to a /download URI, a different vulnerability than CVE-2007-6576...
CVE-2017-15959
Adult Script Pro 2.2.4 allows SQL Injection via the PATHINFO to a /download URI, a different vulnerability than CVE-2007-6576...
CVE-2017-15959
CVE-2017-15959 affects Adult Script Pro 2.2.4 . The vulnerability is a SQL injection via the request path (PATH_INFO) to the /download URI, as described in multiple sources. The root cause is unsafely handling PATH_INFO leading to SQL command injection; the issue is reported as a separate vulnera...
CVE-2017-15959
Adult Script Pro 2.2.4 allows SQL Injection via the PATHINFO to a /download URI, a different vulnerability than CVE-2007-6576...
CVE-2009-3617
Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service application crash via format string specifiers in a download URI. NOTE: som...
Format string
Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service application crash via format string specifiers in a download URI. NOTE: som...
CVE-2009-3617
Format string vulnerability in the AbstractCommand::onAbort function in src/AbstractCommand.cc in aria2 before 1.6.2, when logging is enabled, allows remote attackers to execute arbitrary code or cause a denial of service application crash via format string specifiers in a download URI. NOTE: som...