PT-2025-49550

Some endpoints in vulnerability-lookup that modified application state e.g. changing database entries, user data, configurations, or other privileged actions may have been accessible via HTTP GET requests without requiring a CSRF token. This flaw leaves the application vulnerable to Cross-Site...

EUVD-2005-2421

Malware in sbrugna...

The vulnerability of D-Link DSL-2640U and DSL-2540U router microprogramming systems lies in the lack of measures to neutralize special elements used in the operating system’s command set, allowing attackers to execute arbitrary commands.

The vulnerability of D-Link DSL-2640U and DSL-2540U router microprogramming systems lies in the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows an attacker to execute arbitrary commands using metasymbols within the...

多款Anpviz产品 安全漏洞

Anpviz IPC is a series of network cameras from Anpviz. A security vulnerability exists in multiple Anpviz products that originates from a vulnerability that allows an unauthenticated attacker to download arbitrary files from the device's filesystem to /reloading/URI via an HTTP GET request.Affect...

CVE-2020-29659

A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack...