IBM Guardium Data Encryption has an unspecified vulnerability (CNVD-2022-20154)
IBM Guardium Data Encryption (GDE) is an application from the US company IBM. IBM Guardium Data Encryption versions 4.0.0.0 and 5.0.0.0 contain a security vulnerability: the software saves user information in a CSV file with a comma as the separator, but it...
CVE-2020-24356
cloudflared versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. When run on a Windows system, cloudflared searches for configuration files which could be abused by a malicious entity to execute commands as a privileged user. Version 2020.8.1 fixes thi...
Malicious Package
is a malicious package. The package contains a backdoor that opens a connection to a remote server and executes incoming commands...
UBUNTU-CVE-2020-24361
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec...
Rukovoditel Code Issue Vulnerability
Rukovoditel is a web-based open source project management application from the Rukovoditel team. The software provides project management, customer relationship management and other functions. A security vulnerability exists in Rukovoditel version 2.5.2. An attacker can change the content-type...
dotCMS code problem vulnerability
dotCMS is a content management system (CMS) from the US company dotCMS. The system supports RSS feeds, blogs, forums and other modules, and is easy to extend and build features on. A code issue vulnerability exists in dotCMS versions prior to 5.2.4 that stems from faulty access control. An...
Design/Logic Flaw
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory as if '.' were at the end of $PATH in certain cases involving the run_command API and run-command.c, because there was a dangerous change from execvp to execv during 2017...
Arbitrary File Inclusion
Kibana is vulnerable to arbitrary file inclusion attacks. The vulnerability exists in the Kibana Console API, where a request can be sent to include external JS files, which could possibly result in executing arbitrary commands...
CVE-2018-15150
SQL injection vulnerability in interface/de_identification_forms/de_identification_screen2.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'temporary_files_dir' variable in interface/super/edit_globals.php...
SiteStar V2.0 security vulnerability warning
Author: cnryan. 1. Vulnerability overview: SiteStar V2.0 does not properly restrict file uploads; a remote attacker could exploit this vulnerability to upload arbitrary files to the web directory, ultimately resulting in the server executing arbitrary commands. 2. Vulnerability analysis: Vulnerability is...
vhcs-root.txt
#!/usr/bin/php -q http://acid-root.new.fr/ Exploit: + Logged in Administrator + The administrator has 2 resellers / Changing dareseller's password / Trying to connect as dareseller:thatpwnz + Login successful + The reseller has 2 users + Host domaintest.fr is connected /...
CVE-2003-1252
register.php in S8Forum 3.0 allows remote attackers to execute arbitrary PHP commands by creating a user whose name ends in a .php extension and entering the desired commands into the E-mail field, which creates a web-accessible .php file that can be called by the attacker, as demonstrated using ...