6 matches found
CVE-2024-23706
In multiple locations, there is a possible bypass of health data permissions due to an improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2024-29746
In lpmreqhandler of lpm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2021-35397
A path traversal vulnerability in the static router for Drogon from 1.0.0-beta14 to 1.6.0 could allow an unauthenticated, remote attacker to arbitrarily read files. The vulnerability is due to lack of proper input validation for requested path. An attacker could exploit this vulnerability by...
SAP 3D Visual Enterprise Viewer Denial of Service Vulnerability (CNVD-2021-22142)
SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. A denial of service vulnerability exists in SAP 3D Visual Enterprise Viewer version 9. The vulnerability stems from improper input validation. An attacker could exploit the vulnerability by means of a specially crafted...
Exploit for Improper Input Validation in Drupal
POC of CVE-2018-7600 Drupal RCE CVE-2018-7600 Dont Forge...
PHPWebThings 1.4 - download.php?File SQL Injection
PHPWebThings 1.4 - download.php?File SQL Injection source: https://www.securityfocus.com/bid/15399/info phpWebThings is prone to an SQL injection vulnerability. This is an input validation issue related to data that will be used in SQL queries, allowing a remote user to influence the structure an...