Smoothwall Express 跨站脚本漏洞

Smoothwall Express is an open-source firewall operating system based on GNU/Linux, developed by Smoothwall. Versions of Smoothwall Express prior to 3.1 Update 13 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of VPNIP parameters, and could lead t...

ProLink PRC2402M 操作系统命令注入漏洞

The ProLink PRC2402M is a router produced by ProLink Company in Singapore. Versions prior to 20190909/2021-06-13 of the PROLiNK PRC2402M had a vulnerability related to operating system command injection. This vulnerability stemmed from ip parameters that allowed for OS command injection,...

Tenda M3 安全漏洞

Tenda M3 is an access control controller from Tenda China. A security vulnerability exists in Tenda M3 version 1.0.0.13, which originates from incorrect manipulation of the parameters startip/endip/leasetime/gateway/dns1/dns2 in the file /goform/setDhcpAP, which could result in a stack buffer...

EUVD-1999-1099

Malware in sbrugna...

CVE-2024-44916

Vulnerability in adminip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution...

CVE-2024-44916

Vulnerability in adminip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution...

CVE-2024-44916

Vulnerability in adminip.php in Seacms v13.1, when action=set, allows attackers to control IP parameters that are written to the data/admin/ip.php file and could result in arbitrary command execution...

CVE-2024-44916

This CVE affects SeaCMS Seacms v13.1, specifically the admin_ip.php page. When action=set is used, an attacker can control IP parameters written to data/admin/ip.php, enabling arbitrary command execution. The vulnerability is evidenced across multiple sources (NVD/Red Hat/CNNVD) with CVSSv3.1 bas...

CVE-2022-24171

Tenda routers G1 and G3 v15.11.0.179502CN were discovered to contain a command injection vulnerability in the function formSetPppoeServer. This vulnerability allows attackers to execute arbitrary commands via the pppoeServerIP, pppoeServerStartIP, and pppoeServerEndIP parameters...

Tenda G1 and G3 命令注入漏洞

The Tenda G1 and G3 are routers from the Chinese company Tenda. A command injection vulnerability exists in the Tenda G1 and G3, which can be exploited to execute arbitrary commands via the pppoeServerIP, pppoeServerStartIP, and pppoeServerEndIP parameters...

Analysis of the fine fast CMS vulnerability-vulnerability warning-the black bar safety net

| The following is my personal analysis of the results as there are errors please forgive me The main problem in retrieve password member. php? action=getpw Look at the code case 'getpw': $showsubmenu = 0; $logstatus && showmsg$lang'loginalready', $forward; if isset$POST'submit' $msg = $POST'hash...

Sql injection

SQL injection vulnerability in index.php in DGBook 1.0, with magicquotesgpc disabled, allows remote attackers to execute arbitrary SQL commands via the 1 name, 2 email, 3 homepage, 4 address, 5 comment, and 6 ip parameters. NOTE: the provenance of this information is unknown; the details are...

CVE-1999-1118

ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters...