Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Support for specifying the srptserviceguid parameter. The current behavior is that setting this parameter while loading the ibsrpt kernel module triggers a kernel crash. Bug: Kernel’s NULL pointer dereferencing, addres...

CVE-2025-15559

An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...

CVE-2025-15559

An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...

CVE-2025-15559 Unauthenticated OS Command Injection in NesterSoft WorkTime

An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...

CVE-2025-15559

The CVE describes an unauthenticated OS command injection in NesterSoft WorkTime, exploitable via the server API endpoint used to generate/download the WorkTime client, specifically in the risk-prone “guid” parameter. The underlying issue allows arbitrary commands to run on the WorkTime server wi...

NesterSoft WorkTime 安全漏洞

NesterSoft WorkTime is a project tracking software developed by the Canadian company NesterSoft. NesterSoft WorkTime has a security vulnerability, which stems from an OS command injection vulnerability in the server API endpoint GUID parameter. This vulnerability could allow for the execution of...

PT-2026-20798

An unauthenticated attacker can inject OS commands when calling a server API endpoint in NesterSoft WorkTime. The server API call to generate and download the WorkTime client from the WorkTime server is vulnerable in the “guid” parameter. This allows an attacker to execute arbitrary commands on t...

kernel: RDMA/srpt: Support specifying the srpt_service_guid parameter

A flaw was foundin the Linux Kernel when specifying the srptserviceguid parameter, which may lead to kernel crash...

Clario: Reflected XSS on stage.mackeeper.com

Summary RXSS on https://stage.mackeeper.com/ , the vulnerable parameter is guid. Step to reproduce Visit the following link:...

McAfee ePolicy Orchestrator DataChannel GUID SQL Injection (CVE-2016-8027)

An SQL injection vulnerability exists in McAfee ePolicy Orchestrator. The vulnerability is due to insufficient input validation on the GUID parameter. A remote unauthenticated attacker could exploit this vulnerability by sending a specially crafted request to the affected server. Successful...

SQL injection vulnerability in VOA (Pengwei) system guid parameter

Shenzhen Pengwei Information Technology Co., Ltd VOA collaborative office platform is a kind of asp development OA system. VOA Pengwei system guid parameter exists SQL injection vulnerability, the vulnerability URL is...

shopNum VideoDetail.aspx guid参数SQL注入漏洞

No description provided by source...