28 matches found
CVE-2025-67810
In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 7254 and further versions...
CVE-2025-67810
In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 7254 and further versions...
CVE-2025-67810
In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 7254 and further versions...
CVE-2025-67810
In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 7254 and further versions...
CVE-2025-67810
In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 7254 and further versions...
EUVD-2012-1087
Malware in sbrugna...
EUVD-2023-33104
Malicious code in bioql PyPI...
CVE-2025-56413
OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint...
CVE-2025-56413
OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint...
1000 Projects Online Project Report Submission and Evaluation System Security Vulnerability
1000 Projects Online Project Report Submission and Evaluation System is a 1000 Projects open source online project report submission and evaluation system . 1000 Projects Online Project Report Submission and Evaluation System version 1.0 has a security vulnerability , the vulnerability stems from...
CVE-2022-40759
A NULL pointer dereference issue in the TEEMACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACCompareFinal with a NULL pointer for the parameter operation...
Vtiger CRM 代码注入漏洞
Vtiger CRM is a set of customer relationship management system CRM based on SugarCRM developed by Vtiger, Inc. in the United States. The management system provides functions such as managing, collecting and analyzing customer information. A code injection vulnerability exists in Vtiger CRM versio...
WordPress plugin s2Member Pro 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
Stack overflow
TP-Link TL-WPA7510 EUV2190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale...
CVE-2023-29562
TP-Link TL-WPA7510 EUV2190125 was discovered to contain a stack overflow via the operation parameter at /admin/locale...
PT-2023-3361 · Tp Link · Tp-Link Tl-Wa7510N
Name of the Vulnerable Software and Affected Versions: TP-Link TL-WPA7510 EU version V2 190125 Description: The issue is related to a stack overflow via the operation parameter at the "/admin/locale" API endpoint. This can be exploited by a remote attacker to execute arbitrary commands. The...
CVE-2022-40759
A NULL pointer dereference issue in the TEEMACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACCompareFinal with a NULL pointer for the parameter operation...
Student Management System SQL注入漏洞
Student Management System is a simple web-based student management software from Sk.Amir Hamza, an individual developer in Bangladesh. Student Management System suffers from a SQL injection vulnerability that stems from the operation parameter id that causes sql injection...
Online Class and Exam Scheduling System SQL注入漏洞
Online Class and Exam Scheduling System is an online class and exam scheduling system. Online Class and Exam Scheduling System 1.0 suffers from a SQL injection vulnerability that originates from an unknown function in the file /pages/facultysched.php being affected. The operation parameter facult...
TrueConf Server 跨站脚本漏洞
TrueConf Server is a self-hosted and secure video collaboration platform from the Russian company TrueConf. version 4.3.7 of TrueConf Server is vulnerable to a cross-site scripting vulnerability that originates from unknown code in the file /admin/conferences/get-all-status/, with the parameter...