PT-2021-7658 · Npm · Systeminformation
Name of the Vulnerable Software and Affected Versions: systeminformation versions prior to 5.3.1. Description: The System Information Library for Node.js is an open source collection of functions to retrieve detailed hardware, system and OS information. In systeminformation before version 5.3.1,...
CVE-2020-4955
IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to execute arbitrary code on the system, caused by improper parameter validation. By creating an unspecified servlet request with specially crafted input parameters, an attacker could exploit this vulnerability to loa...
Input validation
IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remote attacker to execute arbitrary code on the system, caused by improper parameter validation. By creating an unspecified servlet request with specially crafted input parameters, an attacker could exploit this vulnerability to loa...
CVE-2020-4955
CVE-2020-4955 concerns IBM Spectrum Protect Operations Center. The IBM bulletin documents that versions 7.1.0.000–7.1.12.x and 8.1.0.000–8.1.10.100 (and 8.1.11.000) are affected by an improper parameter validation flaw. A remote attacker could exploit this by crafting an unspecified servlet reque...
PT-2021-10472 · Yccms · Yccms
Name of the Vulnerable Software and Affected Versions: yccms version 3.3. Description: The issue arises from the no top function's improper judgment of the request parameters, leading to a SQL injection vulnerability. This allows for potential exploitation by manipulating request parameters...
MISP Cross-Site Scripting Vulnerability
MISP is an open source software solution. The product is used to collect, store, distribute and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A cross-site scripting vulnerability exists in MISP version 2.4.128. The vulnerability ste...
CVE-2021-1218
A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an...
Cisco Webex Meetings Open Redirect Vulnerability
Cisco Webex Meetings provides affordable enterprise virtual meeting solutions. An open redirect vulnerability exists in the Web management interface of Cisco Webex Meetings. The vulnerability stems from improper validation of the input of URL parameters in an HTTP request. An attacker could explo...
Cisco Webex Meetings Input Validation Error Vulnerability
Cisco Webex Meetings provides affordable enterprise virtual meeting solutions. An open redirect vulnerability exists in the Web management interface of Cisco Webex Meetings. The vulnerability stems from improper validation of the input of URL parameters in an HTTP request. An attacker could explo...
Huawei Mate 30 Buffer Overflow Vulnerability (CNVD-2021-05397)
Huawei Mate 30 is a smartphone from the Chinese company Huawei. The Huawei Mate 30 suffers from a buffer overflow vulnerability that can be exploited by an attacker by sending a crafted packet with specific parameters to the target device. Due to insufficient validation of the parameters, ...
USN-4675-1 horizon vulnerability
Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL...
USN-4675-1: OpenStack Horizon vulnerability
Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL...
Design/Logic Flaw
The functions charginglimitcurrentwrite and charginglimittimewrite in /SM8250QMaster/android/vendor/oppocharger/oppo/oppocharger.c do not check their parameters, which causes a vulnerability...
CVE-2020-35741
HGiga MailSherlock does not validate user parameters on multiple login pages. Attackers can use the vulnerability to inject JavaScript syntax for XSS attacks...
CVE-2020-35851
HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch command injection attacks remotely and execute arbitrary commands on the system...
CVE-2020-35741
HGiga MailSherlock contains a cross-site scripting (XSS) vulnerability: it does not validate user parameters on multiple login pages, allowing an attacker to inject JavaScript syntax. The CVE entry CVE-2020-35741 is documented across multiple sources (NVD and CNVD) with this behavior. Impact deta...
MailSherlock Cross-Site Scripting Vulnerability
HGiga MailSherlock is an email archiving and auditing system that provides a complete email security solution. A cross-site scripting vulnerability exists in HGiga MailSherlock. The vulnerability stems from MailSherlock failing to properly validate specific URL parameters. An attacker can exploit...
Xinuos Openserver Cross-Site Scripting Vulnerability
Xinuos Openserver is a FreeBSD-based operating system from the American company Xinuos. Xinuos Openserver suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data in the application parameter section. A remote attacker can exploit this vulnerability by...