5 matches found
EUVD-2025-210485
SurrealDB versions before 2.2.2 contain a local file read vulnerability in the DEFINE ANALYZER statement that allows authenticated users to read arbitrary files on the file system. Attackers with root, namespace, or database level privileges can point analyzers to arbitrary file paths and...
CVE-2026-6209
...
PT-2023-3650 · Unknown · Spidercontrol Scada Web Server
Name of the Vulnerable Software and Affected Versions: SpiderControl SCADA Webserver versions 2.08 and prior Description: The issue exists due to incorrect restriction of the path name to a directory with limited access. Exploitation of this issue may allow a remote attacker to cause a...
CVE-2022-1883
SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0...
Symphony CMS Cross-Site Scripting Vulnerability (CNVD-2016-00187)
Symphony CMS is a content management system CMS developed in PHP and MySQL. The system supports search engine optimization, module extensions and more. A cross-site scripting vulnerability exists in the content/content.systempreferences.php script in Symphony CMS versions prior to 2.6.4, which...