29 matches found
PT-2024-7097 · Cisco · Cisco Routed PON Controller +1
Name of the Vulnerable Software and Affected Versions: Cisco Routed PON Controller Software (affected versions not specified). Description: The issue exists due to insufficient validation of arguments passed to specific configuration commands, allowing an authenticated, remote attacker with...
JumpServer Code Injection Vulnerability
JumpServer is an open source bastion host from Hangzhou Feizhiyun Information Technology Co. in China. JumpServer suffers from a code injection vulnerability in which an authenticated user can execute arbitrary commands using a vulnerability in a MongoDB session, leading to...
SUSE CVE-2013-4650
MongoDB 2.4.x before 2.4.5 and 2.5.x before 2.5.1 allows remote authenticated users to obtain internal system privileges by leveraging a username of system in an arbitrary database...
Rocket.Chat Information Disclosure Vulnerability
Rocket.Chat is an open source team chat software. Rocket.Chat suffers from an information disclosure vulnerability that stems from the actionLinkHandler method allowing message ID enumeration using a Regex MongoDB query. An attacker can exploit the vulnerability to obtain sensitive information...
Exploit for Expression Language Injection in VMware Spring Data MongoDB
Springcve-2022-22980 spring data mongodb remote code executio...
PT-2022-4943 · Unknown · Rocket.Chat
Name of the Vulnerable Software and Affected Versions: Rocket.Chat versions prior to 5; Rocket.Chat versions prior to 4.8.2; Rocket.Chat versions prior to 4.7.5. Description: An information disclosure issue exists due to insufficient input validation in the actionLinkHandler method, allowing Message...
Mquery Security Vulnerability
Aheckmann Mquery is a JavaScript-based codebase from the individual developer Aheckmann for efficiently generating MongoDB query statements. A security vulnerability exists in mquery lib/utils.js versions prior to 3.2.3, which allows pollution attacks because a special attribute, e.g. `__proto__`, can...
PT-2019-6829 · Red Hat · OpenShift
Name of the Vulnerable Software and Affected Versions: OpenShift (affected versions not specified). Description: The issue is related to the improper creation of files in /tmp by the dump.sh script in the cartridges/openshift-origin-cartridge-mongodb-2.2/info/bin directory of OpenShift...
PHPMoAdmin 'moadmin.php' Remote Code Execution Vulnerability
phpMoAdmin is a MongoDB management tool developed in PHP. It can be used to create, delete and modify databases and indexes, provides views and data search tools, provides database startup time and memory statistics, and supports JSON. A remote code execution vulnerability exists in PHPMoAdmin...