9 matches found
CVE-2026-24138
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1754 and below contain an unauthenticated SSRF vulnerability in getversion.php which can be triggered by providing a user-controlled url parameter. It can be used to fetch both internal websites an...
CVE-2026-24138
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1754 and below contain an unauthenticated SSRF vulnerability in getversion.php which can be triggered by providing a user-controlled url parameter. It can be used to fetch both internal websites an...
EUVD-2026-4538
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1754 and below contain an unauthenticated SSRF vulnerability in getversion.php which can be triggered by providing a user-controlled url parameter. It can be used to fetch both internal websites an...
CVE-2026-24138 FOG vulnerable to unauthenticated SSRF via `/fog/service/getversion.php`
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1754 and below contain an unauthenticated SSRF vulnerability in getversion.php which can be triggered by providing a user-controlled url parameter. It can be used to fetch both internal websites an...
CVE-2026-24138
FOG (FOG Project) versions 1.5.10.1754 and earlier are affected by an unauthenticated SSRF in getversion.php. An attacker can supply a user-controlled url parameter, potentially reaching internal sites or files on the vulnerable host, and this request may be processed without an authenticated ses...
CVE-2026-24138
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1754 and below contain an unauthenticated SSRF vulnerability in getversion.php which can be triggered by providing a user-controlled url parameter. It can be used to fetch both internal websites an...
FOG code issues and vulnerabilities
FOG is an open-source computer cloning and management system developed by the FOG Project. Versions of FOG 1.5.10.1754 and earlier contained code vulnerabilities. These vulnerabilities stemmed from unvalidated server-side request forgery in the getversion.php script, which could lead to the...
CVE-2024-7099 SQL Injection in netease-youdao/qanything
netease-youdao/qanything version 1.4.1 contains a vulnerability where unsafe data obtained from user input is concatenated in SQL queries, leading to SQL injection. The affected functions include getknowledgebasename, fromstatustostatus, deletefiles, and getfilebystatus. An attacker can exploit...
DESlock+ <= 4.1.10 vdlptokn.sys Local Kernel ring0 SYSTEM Exploit
No description provided by source. / deslock-vdlptokn.c Copyright c 2009 by [email protected] DESlock+ = 4.1.10 local kernel ring0 SYSTEM exploit by mu-b - Wed 17 Jun 2009 - Tested on: vdlptokn.sys 1.0.3.54 Compile: MinGW + -lntdll - this exploit is provided for educational purposes only. You a...