EUVD-2022-55966

DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands by injecting shell metacharacters into the formpassword parameter. Attackers can exploit...

CVE-2022-50994 DrayTek Vigor 2960 < 1.5.1.4 OS Command Injection via mainfunction.cgi

DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands by injecting shell metacharacters into the formpassword parameter. Attackers can exploit...

DrayTek Vigor 2960 操作系统命令注入漏洞

The DrayTek Vigor 2960 is a router product developed by DrayTek Corporation. Versions prior to 1.5.1.4 of the DrayTek Vigor 2960 contained an operating system command injection vulnerability. This vulnerability stemmed from issues with OS command injection in the CGI login processing mechanism. I...

EUVD-2023-27003

Malicious code in bioql PyPI...

EUVD-2021-31011

Malicious code in bioql PyPI...

CVE-2023-22901

ChangingTec MOTP system has a path traversal vulnerability. A remote attacker with administrator’s privilege can exploit this vulnerability to access arbitrary system files...

CVE-2023-22901

ChangingTec MOTP system has a path traversal vulnerability. A remote attacker with administrator’s privilege can exploit this vulnerability to access arbitrary system files...

Path traversal

ChangingTec MOTP system has a path traversal vulnerability. A remote attacker with administrator’s privilege can exploit this vulnerability to access arbitrary system files...

ChangingTec MOTP 路径遍历漏洞

ChangingTec MOTP is a cell phone authentication software from the Chinese company ChangingTec. ChangingTec MOTP suffers from a path traversal vulnerability. A remote attacker can exploit this vulnerability to access arbitrary system files...

CVE-2023-22901

CVE-2023-22901 concerns the ChangingTec MOTP system, which is reported to have a path traversal vulnerability. The affected component is the MOTP system itself, with the root cause described as a path traversal flaw that could allow a remote attacker with administrator privileges to access arbitr...

CVE-2023-22901 ChangingTec MOTP - Path Traversal

ChangingTec MOTP system has a path traversal vulnerability. A remote attacker with administrator’s privilege can exploit this vulnerability to access arbitrary system files...

CVE-2023-22901 ChangingTec MOTP - Path Traversal

ChangingTec MOTP system has a path traversal vulnerability. A remote attacker with administrator’s privilege can exploit this vulnerability to access arbitrary system files...

Sql injection

Changing MOTP Mobile One Time Password system’s specific function parameter has insufficient validation for user input. A attacker in local area network can perform SQL injection attack to read, modify or delete backend database without authentication...

CVE-2021-44161

The CVE-2021-44161 entry concerns panorama Mobile One Time Password (MOTP) from China Panorama. The issue: a specific function parameter is not properly validated, enabling SQL injection from an attacker on the same local network to read, modify, or delete the backend database. Connected sources ...

CVE-2021-44161 Changing Information Technology Inc. MOTP(Mobile One Time Password) - SQL Injection

Changing MOTP Mobile One Time Password system’s specific function parameter has insufficient validation for user input. A attacker in local area network can perform SQL injection attack to read, modify or delete backend database without authentication...