18 matches found
EUVD-2003-0177
Malware in sbrugna...
EUVD-2015-2077
Malware in sbrugna...
EUVD-2021-33134
Malicious code in bioql PyPI...
EUVD-2022-33416
Malicious code in bioql PyPI...
CVE-2025-40732
user enumeration vulnerability in Daily Expense Manager v1.0. To exploit this vulnerability a POST request must be sent using the name parameter in /check.php...
CVE-2023-41580
Phpipam before v1.5.2 was discovered to contain a LDAP injection vulnerability via the dname parameter at /users/ad-search-result.php. This vulnerability allows attackers to enumerate arbitrary fields in the LDAP server and access sensitive data via a crafted POST request...
CVE-2023-34842
Remote Code Execution vulnerability in DedeCMS through 5.7.109 allows remote attackers to run arbitrary code via crafted POST request to /dede/tpl.php...
CVE-2020-14412
NeDi 1.9C is vulnerable to Remote Command Execution. System-Snapshot.php improperly escapes shell metacharacters from a POST request. An attacker can exploit this by crafting an arbitrary payload any system commands that contains shell metacharacters via a POST request with a psw parameter. This...
CVE-2019-15766
The KSLABS KSWEB aka ru.kslabs.ksweb application 3.93 for Android allows authenticated remote code execution via a POST request to the AJAX handler with the configFile parameter set to the arbitrary file to be written to and the configtext parameter set to the content of the file to be created...
CVE-2025-46052
An error-based SQL Injection SQLi vulnerability in WebERP v4.15.2 allows attackers to execute arbitrary SQL command and extract sensitive data by injecting a crafted payload into the DEL form field in a POST request to /StockCounts.php...
CVE-2024-8524
CVE-2024-8524 concerns modelscope/agentscope v0.0.4, where a directory traversal vulnerability allows an attacker to read arbitrary local JSON files via a crafted POST to the /read-examples endpoint. Affected component: agentscope (Python package) in the modelscope project; vulnerability arises f...
CVE-2022-36784
Elsight – Elsight Halo Remote Code Execution RCE Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution...
CVE-2025-0473 Incomplete Cleanup vulnerability in PMB platform
Vulnerability in the PMB platform that allows an attacker to persist temporary files on the server, affecting versions 4.0.10 and above. This vulnerability exists in the file upload functionality on the ‘/pmb/authorities/import/iimportauthorities’ endpoint. When a file is uploaded via this...
CVE-2023-33604
Imperial CMS v7.5 was discovered to contain an arbitrary file deletion vulnerability via the DelspReFile function in /sp/ListSp.php. This vulnerability is exploited by attackers via a crafted POST request...
CVE-2022-36784 Elsight – Elsight Halo Remote Code Execution (RCE)
Elsight – Elsight Halo Remote Code Execution RCE Elsight Halo web panel allows us to perform connection validation. through the POST request : /api/v1/nics/wifi/wlan0/ping we can abuse DESTINATION parameter and leverage it to remote code execution...
AsusWRT router/httpd/httpd.c file access bypass vulnerability
ASUS AsusWRT is a set of router operating systems from ASUS. A security vulnerability exists in the 'handlerequest' function of the router/httpd/httpd.c file in versions prior to ASUS AsusWRT 3.0.0.4.38410007. An attacker can exploit this vulnerability to execute a POST request...
Fwd: OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability
From: dila [email protected] Date: Wed, 15 Dec 2004 02:27:40 +0000 Subject: OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability To: [email protected], [email protected] 13.12.04 OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability The...
LibHTTPD 1.2 - POST Buffer Overflow
// source: https://www.securityfocus.com/bid/6172/info LibHTTPD is vulnerable to a buffer overflow condition. By passing a POST request of excessive length, it is possible to overrun a static buffer. This may result in sensitive locations in memory being overwritten by attacker-supplied values...