14 matches found
EUVD-2017-15033
Malware in sbrugna...
EUVD-2017-15029
Malware in sbrugna...
EUVD-2022-33876
Malicious code in bioql PyPI...
CVE-2025-3612 Demtec Graphytics HTTP GET Parameter visualization cross site scripting
A vulnerability, which was classified as problematic, was found in Demtec Graphytics 5.0.7. This affects an unknown part of the file /visualization of the component HTTP GET Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2025-3612 Demtec Graphytics HTTP GET Parameter visualization cross site scripting
A vulnerability, which was classified as problematic, was found in Demtec Graphytics 5.0.7. This affects an unknown part of the file /visualization of the component HTTP GET Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The...
CVE-2023-36550
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters...
Fortinet FortiWLM 操作系统命令注入漏洞
Fortinet FortiWLM is a wireless manager from Fortinet, Inc. Fortinet FortiWLM suffers from a command execution vulnerability that stems from an application's failure to properly filter construct command special characters, commands, etc. An attacker could use this vulnerability to execute...
RESI Gemini-Net Cross-Site Scripting Vulnerability
RESI Gemini-Net is a technology from RESI Italy for active and passive monitoring of communication networks and services.A cross-site scripting vulnerability exists in RESI Gemini-Net version 4.2. An attacker could exploit this vulnerability to inject arbitrary Web script or HTML into HTTP GET...
Selea Targa IP OCR-ANPR Camera Remote Code Execution
!/bin/bash Selea Targa IP OCR-ANPR Camera Unauthenticated Remote Code Execution Vendor: Selea s.r.l. Product web page: https://www.selea.com Affected version: Model: iZero Targa 512 Targa 504 Targa Semplice Targa 704 TKM Targa 805 Targa 710 INOX Targa 750 Targa 704 ILB Firmware: BLD201113005214...
CVE-2020-4893
IBM Emptoris Strategic Supply Management 10.1.0, 10.1.1, and 10.1.3 transmits sensitive information in HTTP GET request parameters. This may lead to information disclosure via man in the middle methods. IBM X-Force ID: 190984...
Authorization
An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML...
CVE-2017-5960
An issue was discovered in Phalcon Eye through 0.4.1. The vulnerability exists due to insufficient filtration of user-supplied data in multiple HTTP GET parameters passed to the "phalconeye-master/public/external/pydio/plugins/editor.webodf/frame.php" URL. An attacker could execute arbitrary HTML...
Joomla! Plugin Core Design Scriptegrator - Local File Inclusion
Exploit Title: Core Design Scriptegrator plugin for Joomla! 1.5 file inclusion Author: S2 Crew Hungary Tested on: Debian Linux, Apache, Joomla! 1.5 Code: There's a file called jsloader.php which takes an array of file names from the HTTP GET parameters and calls include on every one of them...
Joomla Plugin Core Design Scriptegrator Local File Inclusion Vulnerability
Exploit for php platform in category web applications ========================================================================== Joomla Plugin Core Design Scriptegrator Local File Inclusion Vulnerability ========================================================================== Exploit Title: Cor...