365 matches found
CVE-2015-9460
The booking-system plugin before 2.1 for WordPress has DOPBSPBackEndTranslation::display SQL injection via the language parameter...
CVE-2016-10755
AbanteCart 1.2.8 allows SQL Injection via the sourcelanguage parameter to admin/controller/pages/localisation/language.php and core/lib/languagemanager.php, or via POST data to admin/controller/pages/tool/backup.php and admin/model/tool/backup.php...
CVE-2024-55063
Multiple Code Injection vulnerabilities in EasyVirt DC NetScope = 8.7.0 allows remote authenticated attackers to execute arbitrary code via the 1 lang parameter to /international/keyboard/options; the 2 keyboardlayout or 3 keyboardvariant parameter to /international/settings/keyboard; the 4...
Siemens SENTRON 7KT PAC1260 Data Manager 操作系统命令注入漏洞
Siemens SENTRON 7KT PAC1260 Data Manager is a device for power monitoring and energy management from Siemens Germany. The Siemens SENTRON 7KT PAC1260 Data Manager suffers from an OS command injection vulnerability that stems from not cleaning up the language parameter of a specific POST request,...
PT-2025-37376
Name of the Vulnerable Software and Affected Versions Chamilo versions prior to 1.11.30 Description The Chamilo learning management system has an OS Command Injection issue. This occurs due to a failure to neutralize special elements used in the operating system command. Successful exploitation...
CVE-2024-13235
The Pinpoint Booking System – 1 WordPress Booking Plugin plugin for WordPress is vulnerable to SQL Injection via the 'language' parameter in all versions up to, and including, 2.9.9.5.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing...
PT-2025-7339 · WordPress · Pinpoint Booking System
Name of the Vulnerable Software and Affected Versions: The Pinpoint Booking System – 1 WordPress Booking Plugin versions up to, and including, 2.9.9.5.2 Description: The issue allows authenticated attackers with Subscriber-level access and above to perform SQL Injection via the language parameter...
Cianet ONU GW24AC 代码注入漏洞
The Cianet ONU GW24AC is a network device from Cianet. A code injection vulnerability exists in the Cianet ONU GW24AC version 20250127 and prior versions, which stems from the fact that incorrect operation of the parameter browserLang can lead to cross-site scripting attacks...
AMTT Hotel Broadband Operation System 代码注入漏洞
AMTT Hotel Broadband Operation System is a hotel broadband operation system from China's AmTech Century AMTT. A code injection vulnerability exists in AMTT Hotel Broadband Operation System HiBOS 3.0.3.151204 and earlier versions, which originates from the parameter LangID/LangName/LangEName in th...
PT-2024-40155 · Saltcorn · Saltcorn
Name of the Vulnerable Software and Affected Versions: Saltcorn versions prior to a fixed version are affected, but the exact fixed version is not specified. Description: The issue arises from the unsafe use of the lang and defstring parameter values in the...
VulnCheck KEV: CVE-2020-27982
IceWarp 11.4.5.0 allows XSS via the language parameter...
i-doit 跨站脚本漏洞
i-doit is a configuration management database software from i-doit Inc. A cross-site scripting vulnerability exists in i-doit pro that stems from a lack of proper cleanup of the id, lang, mNavID, name, pID, treeNode, type, and view parameters...
CVE-2024-45312 Arbitrary language parameter can passed to `aspell` executable via spelling requests in overleaf
Overleaf is a web-based collaborative LaTeX editor. Overleaf Community Edition and Server Pro prior to version 5.0.7 or 4.2.7 for the 4.x series contain a vulnerability that allows an arbitrary language parameter in client spelling requests to be passed to the aspell executable running on the...
PT-2024-6487 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version 9.3.5u.6146 B20201023 Description: A critical vulnerability has been found in the function setLanguageCfg of the file /www/cgi-bin/cstecgi.cgi. The manipulation of the argument langType leads to a stack-based buffer...
VulnCheck KEV: CVE-2022-47945
ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled langswitchon=true. An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php...
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' due to the usage of un-sanitized string values into metric names or labels. An attacker could exploit this by sending a ?lang query paramet...
phpMyFAQ 安全漏洞
phpMyFAQ is a multilingual, fully database-driven Frequently Asked Questions FAQ system by the individual developer Thorsten Rinne. A security vulnerability exists in phpMyFAQ, which stems from the category image upload feature in phpmyfaq being susceptible to manipulation of the Content-type and...
UBUNTU-CVE-2024-29374
A Cross-Site Scripting XSS vulnerability exists in the way MOODLE 3.10.9 handles user input within the "GET /?lang=" URL parameter...
WordPress Plugin File Manager 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
The vulnerability of the setLanguageCfg() function (/cgi-bin/cstecgi.cgi) in the Totolink LR1200GB router software allows a attacker to execute arbitrary code or cause a service failure.
The vulnerability of the setLanguageCfg function /cgi-bin/cstecgi.cgi of the Totolink LR1200GB router software lies in the fact that the operation is carried out outside the buffer in memory when processing the lang parameter. Exploiting this vulnerability allows an attacker to execute arbitrary...