CVE-2026-35616

A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests...

CODESYS Control runtime system 安全漏洞

CODESYS Control runtime system is a control system runtime software developed by the German company CODESYS. It enables the execution of control logic for industrial automation devices. There is a security vulnerability in CODESYS Control runtime system. This vulnerability arises from the...

CVE-2021-26105

A stack-based buffer overflow vulnerability CWE-121 in the profile parser of FortiSandbox version 3.2.2 and below, version 3.1.4 and below may allow an authenticated attacker to potentially execute unauthorized code or commands via specifically crafted HTTP requests...

CVE-2024-26012

CVE-2024-26012: Fortinet FortiAP family devices are affected by an OS command injection vulnerability due to improper neutralization of special elements in commands. A local authenticated attacker could execute unauthorized code via the CLI. Affected products and versions include FortiAP-S: 6.2 (...

CVE-2024-23669

An improper authorization in Fortinet FortiWebManager version 7.2.0 and 7.0.0 through 7.0.4 and 6.3.0 and 6.2.3 through 6.2.4 and 6.0.2 allows attacker to execute unauthorized code or commands via HTTP requests or CLI...

Loginizer 1.7.8 - Reflected XSS

The plugin does not escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin Make a logged in admin open a page with the code below...

Audio Cutter Software - Code Injection Vulnerability

Exploit for windows platform in category dos / poc Technical Details: ================= Vulnerability Title: Audio Cutter Software - Code Injection Vulnerability Tool Name: Weeny Audio Cutter Software v1.5 Critical Level: High Author: Ajay Gowtham aka AJOXR Blackhat forums Type: Software Security...