11 matches found
PT-2026-5167
Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user input in a web application endpoint. An attacker can supply crafted input that is executed as part of backend database queries. The issue is exploitable without authentication,...
CVE-2026-1183
CVE-2026-1183 is an HTML injection vulnerability affecting multiple Botble products (TransP, Athena, Martfury, Homzen). The issue arises from improper validation of user input, specifically via the /search endpoint using the q parameter. Public sources (NVD/Red Hat/CVE records) describe the vulne...
Micro User Registration Utility 注入漏洞
Micro User Registration Utility is a telephone auto-registration tool by olel individual developers. An injection vulnerability exists in the Micro User Registration Utility that stems from improper input validation leading to the injection of specially crafted characters, which could lead to cal...
EUVD-2019-1992
Malware in sbrugna...
ClinicCases 跨站脚本漏洞
ClinicCases is an open source case management system designed for law school clinics. A cross-site scripting vulnerability exists in ClinicCases version 7.3.3 that stems from the software's lack of effective validation and filtering of user-submitted parameters. The vulnerability allows an...
CVE-2019-1010250
The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The...
CVE-2019-1010250
The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: createFlow and createFlows functions in FlowWebResource.java RESTful service. The...
CVE-2019-1010252
The Linux Foundation ONOS 2.0.0 and earlier is affected by Poor Input-validation in FlowRuleManager.java (applyFlowRules() and apply()). This can allow a network administrator or attacker to install unintended flow rules in the switch via network-management connectivity. Root cause: inadequate in...
CVE-2019-1010252
The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input-validation. The impact is: A network administrator or attacker can install unintended flow rules in the switch by mistake. The component is: applyFlowRules and apply functions in FlowRuleManager.java. The attack vector is:...
Drupal CMS version 7.12 suffers from multiple cross site request forgery vulnerabilities
No description provided by source. Exploit Title : Drupal CMS 7.12 latest stable release Multiple Vulnerabilities Date : 02-03-2012 Author : Ivano Binetti http://ivanobinetti.com Software link : http://drupal.org/download Vendor site : http://drupal.org Version : 7.12 and lower Tested on : Debian...
remote command execution in 'tattle'
Hello, a recent bugtraq posting by CISSP C.J. Steele contains a vulnerability which will leave a box possibly open for remote command execution. There are many ways to exploit this, but I chose logging in through ftp with username like sshd rhost 9 10 11 |rm$IFS-rf$IFS/|echo'1.1.1.1' because of...