22 matches found
EUVD-2026-21996
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30813
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30813 SQL Injection in Module Search leads to Database Compromise
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30813
CVE-2026-30813 describes an SQL Injection vulnerability in Pandora FMS versions 777 through 800, caused by improper neutralization of special elements in SQL commands used during the module search. The affected component is the module search functionality; root cause is inadequate input handling ...
PT-2026-32387
Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injection via module search. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-5271 Possible to hijack modules in current working directory
pymanager included the current working directory in sys.path, meaning modules could be shadowed by modules in the current working directory. As a result, if a user executes a pymanager-generated command (e.g., pip, pytest) from an attacker-controlled directory, a malicious module in that directory c...
CVE-2026-5271
CVE-2026-5271 affects the Python project pymanager. The issue arises because the current working directory is added to sys.path, allowing modules in the CWD to shadow imported modules. This can lead to a module being overridden or shadowed, with potential integrity impact on the running e...
CVE-2026-24417 OpenSTAManager has a Time-Based Blind SQL Injection with Amplified Denial of Service
OpenSTAManager is an open source management software for technical assistance and invoicing. OpenSTAManager v2.9.8 and earlier contain a critical Time-Based Blind SQL Injection vulnerability in the global search functionality. The application fails to properly sanitize the term parameter before...
Malicious code in kiwi-module-search (npm)
Source: ghsa-malware (2065b8ef87a0ef23f1d6589f86841c8e890785f615a13d214446f9a6feb1b4ba). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-6174 Malicious code in kiwi-module-search (npm)
Source: ghsa-malware (2065b8ef87a0ef23f1d6589f86841c8e890785f615a13d214446f9a6feb1b4ba). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MemTracer - Memory Scanner
MemTracer is a tool that offers live memory analysis capabilities, allowing digital forensic practitioners to discover and investigate stealthy attack traces hidden in memory. MemTracer is implemented in Python and aims to detect reflectively loaded native .NET framework Dynamic-Link...
Privilege Defined With Unsafe Actions
Overview: System.Management.Automation is a System Management Automation for PowerShell. Affected versions of this package are vulnerable to Privilege Defined With Unsafe Actions in the module search paths that will return empty strings for special folders that don't exist in some accounts like...
[SECURITY] Fedora 29 Update: drupal7-module_filter-2.2-1.fc29
The modules list page can become quite big when dealing with a fairly large site or even just a dev site meant for testing new and various modules being considered. What this module aims to accomplish is the ability to quickly find the module you are looking for without having to rely on the...
SQL Injection Vulnerability in the Search of Complaint and Suggestion Module of SMiCMS School Cluster System
State Micro CMS is one of the mainstream CMS systems in China, and is also the largest open source platform provider in the field of PHP in Southern China. The search function of the complaints and suggestions module in the State Micro CMS school cluster system contains an SQL injection vulnerability. Attackers c...
Debian DSA-1828-1 : ocsinventory-agent - insecure module search path
It was discovered that the ocsinventory-agent, which is part of the ocsinventory suite, a hardware and software configuration indexing service, is prone to an insecure Perl module search path. As the agent is started via cron and the current directory (/ in this case) is included in the default perl...
dstat insecure module search path
Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in (1) the current working directory or (2) a certain subdirectory of the current working directory...
FreeBSD : emacs -- run-python vulnerability (66657bd5-ac92-11dd-b541-001f3b19d541)
Emacs developers report: The Emacs command 'run-python' launches an interactive Python interpreter. After the Python process starts up, Emacs automatically sends it the line: import emacs, which normally imports a script named emacs.py which is distributed with Emacs. This script, which is...
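GNU Emacs 'python.el' Code Execution Vulnerability
BUGTRAQ ID: 31052 CNCAN ID: CNCAN-2008091008 Emacs is an extensible, real-time display editor. GNU Emacs handles Python scripts incorrectly, and a local attacker can exploit the vulnerability to execute arbitrary code with the privileges of the application. The GNU Emacs command 'run-python' starts an interactive Python interpreter. After Python starts, Emacs automatically sends: import emacs, which imports the emacs.py script distributed with Emacs. This script is normally located in a write-protected installation directory that contains other Emacs program files, and it defines various functions that help Python communicate with Emacs...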
emacs -- run-python vulnerability
Emacs developers report: The Emacs command 'run-python' launches an interactive Python interpreter. After the Python process starts up, Emacs automatically sends it the line: import emacs, which normally imports a script named emacs.py which is distributed with Emacs. This script, which is typicall...