102 matches found
CVE-2026-31386
OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege...
EUVD-2026-12333
OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege...
CVE-2026-31386
OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege...
OpenLiteSpeed and LSWS Enterprise vulnerable to OS command injection
Overview OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain the following vulnerability. OS command injection CWE-78 - CVE-2026-31386 Daisuke Nakayama of Mizuho Financial Group, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
CVE-2026-31386
OpenLiteSpeed and LSWS Enterprise (LiteSpeed Technologies) are affected by CVE-2026-31386, an OS command injection (CWE-78). The vulnerability allows an arbitrary OS command to be executed by an attacker with administrative privileges. Public sources corroborate impact as arbitrary command execut...
CVE-2026-31386
OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege...
CVE-2026-31386
OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege...
CVE-2026-31386
OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege...
PT-2026-25612
OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege...
LiteSpeed Web Server Enterprise和LiteSpeed OpenLiteSpeed 操作系统命令注入漏洞
LiteSpeed Web Server Enterprise and LiteSpeed OpenLiteSpeed are products of the American company LiteSpeed. LiteSpeed Web Server Enterprise is a server software. LiteSpeed OpenLiteSpeed is also a web server software. Both LiteSpeed Web Server Enterprise and LiteSpeed OpenLiteSpeed have operating...
CVE-2021-47855
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
CVE-2021-47855
Openlitespeed 1.7.9 is affected by CVE-2021-47855, a stored cross-site scripting vulnerability in the dashboard Notes parameter. The issue allows an attacker to craft a payload in the Notes field during listener configuration that will execute when an administrator clicks the Default Icon, enabli...
CVE-2021-47855
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
CVE-2021-47855 Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
CVE-2021-47855 Openlitespeed 1.7.9 - 'Notes' Stored Cross-Site Scripting
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
EUVD-2026-3632
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
Litespeed Technologie OpenLiteSpeed Cross-Site Script Vulnerability
Litespeed Technologie OpenLiteSpeed is an open-source web server developed by Litespeed Technologie. Version 1.7.9 of Litespeed Technologie OpenLiteSpeed contains a cross-site scripting vulnerability. This vulnerability stems from a stored-cross-site scripting vulnerability in the dashboard’s Not...
PT-2026-3808
Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerability in the dashboard's Notes parameter that allows administrators to inject malicious scripts. Attackers can craft a payload in the Notes field during listener configuration that will execute when an administrator clicks on the...
Openlitespeed-WebServer-1.7.8-
This is a PoC exploit for a command injection vulnerability in O...
EUVD-2021-13545
Malware in sbrugna...