35 matches found
CVE-2020-10879
rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped...
CVE-2020-10879
rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped...
CVE-2020-10879
rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped...
open62541/fuzz_binary_message: Heap-use-after-free in NodeId_deleteMembers
Project: https://github.com/open62541/open62541.git Detailed report: https://oss-fuzz.com/testcase?key=5776306856787968 Project: open62541 Fuzzer: aflopen62541fuzzbinarymessage Fuzz target binary: fuzzbinarymessage Job Type: aflasanopen62541 Platform Id: linux Crash Type: Heap-use-after-free READ...
CVE-2014-3446
SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in BSS Continuity CMS 4.2.22640.0 allows remote attackers to execute arbitrary SQL commands via the nodeid parameter...
Sql injection
SQL injection vulnerability in wcm/system/pages/admin/getnode.aspx in BSS Continuity CMS 4.2.22640.0 allows remote attackers to execute arbitrary SQL commands via the nodeid parameter...
CVE-2013-3522
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter...
Sql injection
SQL injection vulnerability in index.php/ajax/api/reputation/vote in vBulletin 5.0.0 Beta 11, 5.0.0 Beta 28, and earlier allows remote authenticated users to execute arbitrary SQL commands via the nodeid parameter...
VBulletin 'nodeid'参数SQL注入漏洞
BUGTRAQ ID: 58754 vBulletin是一个强大灵活并可完全根据自己的需要定制的论坛程序套件。 VBulletin 5.0.0 Beta 11 - 5.0.0 Beta 28及其他版本在 'nodeid' 参数的实现上存在SQL注入漏洞,攻击者可利用此漏洞破坏应用,执行未授权操作。 0 VBulletin 厂商补丁: VBulletin --------- 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.vbulletin.com/ !/usr/bin/perl use LWP::UserAgent;...
CVE-2009-2145
Multiple cross-site scripting XSS vulnerabilities in transLucid 1.75 allow remote attackers to inject arbitrary web script or HTML via the a NodeID and b action parameters to the default URI, and the c NodeID parameter to the default URI for the admin section; and allow remote authenticated users...
CVE-2009-2145
Multiple cross-site scripting XSS vulnerabilities in transLucid 1.75 allow remote attackers to inject arbitrary web script or HTML via the a NodeID and b action parameters to the default URI, and the c NodeID parameter to the default URI for the admin section; and allow remote authenticated users...
CVE-2009-2145
Multiple cross-site scripting XSS vulnerabilities in transLucid 1.75 allow remote attackers to inject arbitrary web script or HTML via the a NodeID and b action parameters to the default URI, and the c NodeID parameter to the default URI for the admin section; and allow remote authenticated users...
Translucid 1.75 XSS / HTML Injection
transLucid - Cross Site Scripting and HTML Injection Vulnerabilities Version Affected: 1.75 newest Info: transLucidonline is the easy website publishing system with which anyone can create and maintain web content, in multiple languages and based on a growing list of ready-made, professional...
TransLucid 1.75 - Multiple Vulnerabilities
transLucid - Cross Site Scripting and HTML Injection Vulnerabilities Version Affected: 1.75 newest Info: transLucidonline is the easy website publishing system with which anyone can create and maintain web content, in multiple languages and based on a growing list of ready-made, professional...
TransLucid 1.75 Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications =============================================== TransLucid 1.75 Multiple Remote Vulnerabilities =============================================== transLucid - Cross Site Scripting and HTML Injection Vulnerabilities Version Affected: 1.75...