Lucene search
K

925 matches found

CNNVD
CNNVD
added 2021/04/21 12:0 a.m.4 views

Cisco SD-WAN vManage 参数注入漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A parameter injection vulnerability exists in Cisco SD-WAN vManage Software that stems from improper validation of user-supplied device...

6.5CVSS5.5AI score0.01192EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/04/20 12:0 a.m.3 views

Discord Recon Server 参数注入漏洞

Discord Recon Server is an AI bot from Discord USA. Discord-Recon suffers from a parameter injection vulnerability that can be exploited by an attacker to read internal files from the system and write the files to the system, leading to remote code execution...

9CVSS8.4AI score0.02476EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/04/19 12:0 a.m.3 views

Innorix Web-Based File Transfer 参数注入漏洞

INNORIX Innorix Web-Based File Transfer is an application system from INNORIX Korea. It is used for file transfer. Web-Based File Transfer Solution 9.2.18.385 suffers from a parameter injection vulnerability that can be exploited by a remote attacker to potentially trick a user into visiting a...

7.8CVSS7.6AI score0.00723EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/03/29 12:0 a.m.5 views

NBBDownloader.ocx ActiveX 参数注入漏洞

SearchDomino.com ActiveX is an application from SearchDomino.com, Inc. Real-Time, Collaborative Enabled Programs NBBDownloader.ocx ActiveX suffers from a parameter injection vulnerability that can be exploited by remote attackers to trick users into visiting a crafted web page, which can cause...

7.8CVSS7.6AI score0.00773EPSS
Exploits0References3
CNVD
CNVD
added 2021/03/25 12:0 a.m.9 views

Cisco IOS XE SD-WAN Parameter Injection Vulnerability

Cisco IOS XE is an open and flexible operating system optimized for future work. A parameter injection vulnerability exists in Cisco IOS XE versions after 17.3.1. The vulnerability is due to insufficient input validation on certain CLI commands. An attacker could exploit the vulnerability to gain...

7.2CVSS7.2AI score0.00592EPSS
Exploits1References1
CNVD
CNVD
added 2021/03/25 12:0 a.m.8 views

Cisco IOS XE Parameter Injection Vulnerability

Cisco IOS XE is a set of modular operating system based on Linux kernel developed by Cisco for its network equipment. A parameter injection vulnerability exists in the CLI for SD-WAN on Cisco IOS XE. The vulnerability stems from insufficient input validation of certain CLI commands. An attacker...

7.2CVSS7AI score0.0028EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/03/24 12:0 a.m.4 views

Dw1 apkleaks 参数注入漏洞

Dw1 apkleaks is a Dw1 open source application . It is used to scan APK files for URIs, endpoints and secrets. A security vulnerability exists in APKLeaks prior to v2.0.3, which can be exploited by an attacker to contain allow execution of unexpected commands or code...

10CVSS8.5AI score0.02307EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/03/10 12:0 a.m.4 views

Facebook Gameroom 参数注入漏洞

Facebook Gameroom is a software of Facebook Inc. It is used for watching videos, playing games, and sharing content. A security vulnerability exists in versions prior to Facebook Gameroom v1.26.0 that stems from the fbgames protocol handler not properly referencing parameters passed to the...

9.8CVSS5.8AI score0.01693EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/03/01 12:0 a.m.5 views

Accellion FTA 注入漏洞

Accellion FTA is an enterprise content firewall from Accellion USA, Inc. It provides a protection against data leakage and breaches from third-party network risks. An injection vulnerability exists in Accellion FTA 912432 and earlier, which stems from being vulnerable to parameter injection via a...

9.8CVSS8.6AI score0.01414EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/02/22 12:0 a.m.7 views

Wave Inspur ClusterEngine Parameter Injection Vulnerability

Wave Inspur ClusterEngine is an application software from China's Wave Corporation. It provides management of jobs submitted by hardware and software in a cluster system. A security vulnerability exists in Inspur ClusterEngine V4.0, which can be exploited by remote attackers to send malicious log...

10CVSS7.3AI score0.38745EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/02/18 12:0 a.m.5 views

Omrilotan async-git Parameter Injection Vulnerability

Omrilotan async-git is a Javascript-based code repository that supports interaction with git repositories by the individual developer Omrilotan. A parameter injection vulnerability exists in async-git. The vulnerability originates from allowing shell metacharacters to be injected into git command...

9.8CVSS7.3AI score0.02549EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/01/25 12:0 a.m.8 views

TP-LINK TL-WR841N 操作系统命令注入漏洞

The Tp-link TL-WR841N is a wireless router from China P&L Tp-link. The TP-Link TL-WR841N suffers from a parameter injection vulnerability that allows a remote authenticated malicious user to execute arbitrary commands on the system, which can be exploited by an attacker to execute arbitrary...

9CVSS7.5AI score0.42285EPSS
Exploits1References5
Cvelist
Cvelist
added 2021/01/11 2:57 a.m.20 views

CVE-2020-35724

Reflected XSS in Quest Policy Authority 8.1.2.200 allows remote attackers to inject malicious code into the browser via a specially crafted link to the Error.jsp file via the err parameter or indirectly via the cpr, tcp, or abs parameter. NOTE: This vulnerability only affects products that are no...

5.4AI score0.0123EPSS
Exploits1References2
CNNVD
CNNVD
added 2020/12/31 12:0 a.m.5 views

Draytek Vigor2960 Parameter Injection Vulnerability

The Draytek Vigor2960 is a load balancing router and VPN gateway appliance from Draytek Taiwan, China. A parameter injection vulnerability exists in the DrayTek Vigor2960 1.5.1, which allows remote command execution via toLogin2FA action to mainfunction.cgi...

8.8CVSS6AI score0.05306EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2020/12/27 10:37 a.m.106 views

Exploit for Server-Side Request Forgery in Sap Businessobjects_Business_Intelligence_Platform

CVE-2020-6308 SAP POC !Follow on Twitterhttps://img.shields...

5.3CVSS6.4AI score0.61736EPSS
Exploits3
CNNVD
CNNVD
added 2020/12/18 12:0 a.m.8 views

Xinuos Openserver Parameter Injection Vulnerability

Xinuos Openserver is a FreeBSD-based operating system from the US company Xinuos. A security vulnerability exists in Xinuos formerly SCO Openserver versions v5 and v6 that allows an attacker to execute arbitrary commands to the cgi-bin printbook via the shell metacharacter outputform or toclevels...

9.8CVSS7.6AI score0.39193EPSS
Exploits3References5
OSV
OSV
added 2020/11/27 2:15 a.m.1 views

CVE-2020-29135

cPanel before 90.0.17 has multiple instances of URL parameter injection SEC-567...

4.1CVSS5.8AI score0.00574EPSS
Exploits0References2
NVD
NVD
added 2020/11/27 2:15 a.m.17 views

CVE-2020-29135

cPanel before 90.0.17 has multiple instances of URL parameter injection SEC-567...

4.1CVSS4.8AI score0.00574EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/11/27 1:34 a.m.21 views

CVE-2020-29135

cPanel before 90.0.17 has multiple instances of URL parameter injection SEC-567...

4.8AI score0.00574EPSS
Exploits0References1
CVE
CVE
added 2020/11/27 1:34 a.m.66 views

CVE-2020-29135

CVE-2020-29135 affects cPanel prior to 90.0.17, with multiple instances of URL parameter injection (SEC-567). The connected records identify the affected product and the vulnerability type, but do not provide explicit exploitation details, affected components beyond the web interfaces, or a confi...

4.1CVSS4.8AI score0.00574EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder