200 matches found
PT-2025-10645
Name of the Vulnerable Software and Affected Versions Nintex Automation versions 5.6 through 5.7 Description The issue concerns configuration files in the K2 SmartForms Designer folder that contain passwords readable by unauthorized users. Recommendations For Nintex Automation versions 5.6 throug...
CVE-2025-27926
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...
CVE-2025-27926
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files web.config containing passwords that are readable by unauthorized users...
kotwa-k2.pl Cross Site Scripting vulnerability OBB-3909739
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
k2.tech Cross Site Scripting vulnerability OBB-3810875
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-40796
Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call...
CVE-2023-40796
Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call...
CVE-2023-40796
Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call...
Command injection
Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call...
PHICOMM K2 命令注入漏洞
The PHICOMM K2 is a wireless router from the Chinese company PHICOMM. A command injection vulnerability exists in PHICOMM k2 version v22.6.529.216, which stems from the presence of a command injection vulnerability...
CVE-2023-40796
Phicomm K2 devices, specifically v22.6.529.216, are affected by a command injection vulnerability in the luci.sys.call function. Root cause: insecure handling in luci.sys.call enables local exploitation with user interaction, potentially leading to remote command execution with high impact. Explo...
PT-2023-27640 · Phicomm · Phicomm K2
Name of the Vulnerable Software and Affected Versions: Phicomm k2 version 22.6.529.216 Description: The Phicomm k2 router contains a command injection vulnerability via the luci.sys.call function. This issue allows for remote command execution. Recommendations: For Phicomm k2 version 22.6.529.216...
CVE-2023-40796
Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call...
CVE-2023-40796
Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call...
k2-systems.com Cross Site Scripting vulnerability OBB-3341719
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2009-2395
SQL injection vulnerability in the K2 comk2 component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php...
CVE-2022-48071
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext...
CVE-2022-48071
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext...
CVE-2022-48070
Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function...
CVE-2022-48070
Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function...