15 matches found
CVE-2026-9153
Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation...
CVE-2026-9155
OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the expression parameter due to insufficient input validation...
CVE-2026-9154
Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter...
CVE-2026-8665
OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to insufficient input sanitization in shell command construction...
CVE-2026-9153 Arbitrary File Read in Rapid7 InsightConnect Sed Plugin
Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation...
EUVD-2026-39155
Arbitrary File Read vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to read arbitrary files via the expression parameter due to insufficient input validation...
CVE-2026-9154 Arbitrary File Write in Rapid7 InsightConnect Sed Plugin
Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter...
EUVD-2026-39154
Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content to arbitrary file paths via the expression parameter...
CVE-2026-9155
The CVE-2026-9155 issue affects the Rapid7 InsightConnect Sed Plugin running on Linux. It is a command-injection vulnerability in the expression parameter, caused by insufficient input validation, enabling authenticated attackers to run arbitrary OS commands on the host. The commonly cited score ...
CVE-2026-9155 OS Command Injection in Rapid7 InsightConnect Sed Plugin via expression parameter.
OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the expression parameter due to insufficient input validation...
PT-2026-52161
Name of the Vulnerable Software and Affected Versions Rapid7 InsightConnect Sed Plugin on Linux affected versions not specified Description An OS Command Injection issue exists in the Sed Plugin on Linux. Authenticated attackers can execute arbitrary operating system commands through the expressi...
PT-2026-52159
Name of the Vulnerable Software and Affected Versions Rapid7 InsightConnect Sed Plugin on Linux affected versions not specified Description Insufficient input validation in the Sed Plugin allows authenticated attackers to read arbitrary files. This is achieved by manipulating the expression...
CVE-2026-2277
The rexCrawler plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' and 'regex' parameters in the search-pattern tester page in all versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for...
ABCD2 跨站脚本漏洞
ABCD2 is an ABCD open source software suite for library and documentation center automation. A cross-site scripting vulnerability exists in ABCD2 2.2.0-beta-1 and earlier versions, which stems from some unknown handling of the file /buscarintegrada.php, where manipulation of the parameter...
Genesys Intelligent Workload Distribution SQL注入漏洞
Genesys Intelligent Workload Distribution Iwd is an application from Genesys, Inc. It can be used with the Genesys Customer Interaction Management Cim platform to assign tasks to the resources best suited to handle them. A SQL injection vulnerability exists in Genesys Intelligent Workload...