CVE-2026-2944

A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handler. Performing a manipulation of the argument DevId results in os command injection. The attack ma...

CVE-2026-2944

The CVE-2026-2944 affects Tosei Online Store Management System v1.01. The vulnerability resides in the /cgi-bin/monitor.php component of the HTTP POST Request Handler; manipulating the DevId argument enables OS command injection. It is exploitable remotely, and public PoCs/exploits exist. No vend...

CVE-2026-2944 Tosei Online Store Management System ネット店舗管理システム HTTP POST Request monitor.php system os command injection

A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handler. Performing a manipulation of the argument DevId results in os command injection. The attack ma...

PT-2026-21429

Name of the Vulnerable Software and Affected Versions Tosei Online Store Management System version 1.01 Description A security flaw exists in the function system of the /cgi-bin/monitor.php file within the HTTP POST Request Handler component. Manipulation of the DevId argument results in operatin...

Tosei Online Store Management System 操作系统命令注入漏洞

Tosei Online Store Management System is an online store management system developed by Tosei Corporation. Version 1.01 of the Tosei Online Store Management System contains a vulnerability related to operating system command injection. This vulnerability arises from incorrect handling of the...

Cross-site Scripting (XSS)

zoneminder is vulnerable to Cross Site Scripting. The vulnerability exists due to a lack of validation in the 'newMonitorLinkedMonitors' parameter value in the view monitor monitor.php...

Cross-site Scripting (XSS)

zoneminder is vulnerable to Cross Site Scripting. The vulnerability exists due to a lack of validation of the field named "signal check color" monitor.php...

CVE-2019-7343

Reflected - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitorMethod' parameter value in the view monitor monitor.php because proper filtration is omitted...

Cross site scripting

Reflected - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitorLinkedMonitors' parameter value in the view monitor monitor.php because proper filtration is omitted...

PT-2019-18536 · Zoneminder +3 · Zoneminder +3

Name of the Vulnerable Software and Affected Versions: ZoneMinder versions prior to 1.32.4 Description: A Self-Stored Cross Site Scripting XSS issue exists when editing an existing monitor field named "signal check color" in monitor.php. The lack of input validation and output filtration makes it...

PHPIDS 0.4 - Remote File Inclusion

PHPIDS 0.4 - Remote File Inclusion Vulnerability @package PHPIDS @Version 0.4 @license http://www.gnu.org/licenses/lgpl.html LGP @link http://php-ids.org/ Type : Remote File Inclusion Vulnerability Author: eidelweiss Date : 2010-02-08 Location: Indonesia http://yogyacarderlink.web.id Contact:...