5 matches found
PHP Remote File Inclusion
Overview froxlor/froxlor is a server administration software. Affected versions of this package are vulnerable to PHP Remote File Inclusion via the deflanguage parameter in the API, which is not properly validated against the list of available language files. An attacker can execute arbitrary PHP...
CVE-2021-39819
Adobe InCopy version 11.1 and earlier is affected by a memory corruption vulnerability due to insecure handling of a malicious XML file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability...
CVE-2018-17926
The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...
Authentication flaw
The product M2M ETHERNET FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism...
ABB M2M ETHERNET
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: ABB Equipment: M2M ETHERNET Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload a malicious...