CVE-2025-62847

CVE-2025-62847 is an actual, documented vulnerability affecting QNAP QTS and QuTS hero. It is described as an improper neutralization of argument delimiters in a command, enabling an attacker to alter execution logic on affected systems. Fixed versions are QTS 5.2.7.3297 build 20251024 and later,...

CVE-2025-62847 QTS, QuTS hero

An improper neutralization of argument delimiters in a command vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to alter execution logic. We have already fixed the vulnerability in the following versions: QTS...

CVE-2023-21054

In EUTRANLCSConvertLCSMOLRReq of LPPCommonUtil.c, there is a possible out of bounds write due to a logic error in the code. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...

Sql injection

PEEL Shopping CMS 9.4.0 is vulnerable to authenticated SQL injection in utilisateurs.php. A user that belongs to the administrator group can inject a malicious SQL query in order to affect the execution logic of the application and retrive information from the database...