Lucene search
14 matches found

Cvelist
added 2026/04/24 12:8 a.m., 24 views

CVE-2026-31953 Xibo CMS has Stored XSS via Notification Body with Zero-Click Execution on Login

Xibo is an open source digital signage platform with a web content management system and Windows display player software. A stored Cross-Site Scripting (XSS) vulnerability in versions prior to 4.4.1 allows an authenticated user with notification creation permissions to inject arbitrary JavaScript...

CVSS: 6.4, EPSS: 0.00029
Exploits: 0, References: 2
RedhatCVE
added 2026/01/09 12:38 p.m., 1 views

CVE-2023-50089

A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When using HTTP for SOAP authentication, command execution occurs during the process after successful authentication...

CVSS: 9.8, AI score: 7.5, EPSS: 0.03126
Exploits: 1, References: 1
Metasploit
added 2025/09/13 6:55 p.m., 504 views

update-motd.d Persistence

This module will add a script in /etc/update-motd.d/ in order to persist a payload. The payload will be executed with root privileges every time a user logs in. Root privileges are likely required to write to /etc/update-motd.d/. Verified on Ubuntu 22.04. Module Options msf use...

AI score: 5.8
Exploits: 0
Veracode
added 2025/08/28 6:24 a.m., 5 views

Cross-site Scripting (XSS)

concrete5/concrete5 is vulnerable to Stored Cross-Site Scripting (XSS). The vulnerability is due to improper handling of malicious folders in the Members Dashboard Home Folder, which allows an attacker with admin privileges to inject XSS that executes when users log in...

CVSS: 4.8, AI score: 5.2, EPSS: 0.00367
Exploits: 1, References: 6, Affected Software: 1
OSV
added 2025/04/02 7:15 a.m., 143 views

CVE-2024-36469

Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one...

CVSS: 3.1, AI score: 7.2
Exploits: 0, References: 2
NVD
added 2023/04/04 1:15 p.m., 17 views

CVE-2023-26866

GreenPacket OH736's WR-1200 Indoor Unit, OT-235 with firmware versions M-IDU-1.6.0.3V1.1 and MH-46360-2.0.3-R5-GP respectively are vulnerable to remote command injection. Commands are executed using pre-login execution and executed with root privileges allowing complete takeover...

CVSS: 9.8, AI score: 9.8, EPSS: 0.09265
Exploits: 0, References: 1
Cvelist
added 2023/04/04 12:0 a.m., 13 views

CVE-2023-26866

GreenPacket OH736's WR-1200 Indoor Unit, OT-235 with firmware versions M-IDU-1.6.0.3V1.1 and MH-46360-2.0.3-R5-GP respectively are vulnerable to remote command injection. Commands are executed using pre-login execution and executed with root privileges allowing complete takeover...

AI score: 10, EPSS: 0.09265
Exploits: 0, References: 1
NVD
added 2023/02/11 1:23 a.m., 9 views

CVE-2023-0776

Baicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware through QRTB 2.12.7 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following metho...

CVSS: 10, AI score: 9.3, EPSS: 0.00467
Exploits: 0, References: 1
Prion
added 2023/02/11 1:23 a.m., 13 views

Command injection

Baicells Nova 436Q, Nova 430E, Nova 430I, and Neutrino 430 LTE TDD eNodeB devices with firmware through QRTB 2.12.7 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following metho...

CVSS: 7.5, AI score: 9.8, EPSS: 0.00467
Exploits: 0, References: 1, Affected Software: 4
NVD
added 2023/01/26 9:18 p.m., 14 views

CVE-2023-24508

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB and Nova 246 devices with firmware through RTS/RTD 3.6.6 are vulnerable to remote shell code exploitation via HTTP command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods...

CVSS: 9.6, AI score: 9.2, EPSS: 0.00451
Exploits: 0, References: 2
CNVD
added 2020/10/26 12:0 a.m., 1 views

Oracle Solaris Kernel License Issue Vulnerability (CNVD-2020-59221)

Oracle Solaris is a set of UNIX operating systems from Oracle. An authorization issue vulnerability exists in Oracle Solaris Kernel version 11, which can be exploited by an attacker to compromise Oracle Solaris infrastructure by allowing a low-privileged attacker to log in to Oracle Solaris and...

CVSS: 3.3, AI score: 9.1, EPSS: 0.00067
Exploits: 0, References: 1
CNVD
added 2018/08/30 12:0 a.m., 1 views

Yamaha Corporation Script Injection Vulnerability in Multiple Products

Yamaha Broadband VoIP Router RT57i and others are Yamaha Corporation router products. A script injection vulnerability exists in multiple Yamaha Corporation products, where an administrator with malicious intent could embed arbitrary scripts into an administrative screen in a scenario where...

CVSS: 6.8, AI score: 6.7, EPSS: 0.00176
Exploits: 0, References: 1
CNVD
added 2018/08/30 12:0 a.m., 1 views

Script injection vulnerability in multiple Yamaha Corporation products (CNVD-2018-16849)

Yamaha Broadband VoIP Router RT57i and others are Yamaha Corporation router products. A script injection vulnerability exists in multiple Yamaha Corporation products, where an administrator with malicious intent could embed arbitrary scripts into an administrative screen in a scenario where...

CVSS: 6.8, AI score: 6.7, EPSS: 0.00176
Exploits: 0, References: 1
ATTACKERKB
added 2017/11/15 3:29 a.m., 0 views

CVE-2017-11849

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted application due to the Windo...

CVSS: 5.5, AI score: 5.5, EPSS: 0.09951
Exploits: 0, References: 4