15 matches found
CVE-2026-36906
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
EUVD-2026-29111
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
CVE-2026-36906
CVE-2026-36906 describes a Cross Site Scripting vulnerability in iotgateway v3.0.1 . The issue is triggered via the Log Record Function , enabling a remote attacker to potentially execute arbitrary code in the context of the affected application. Available sources consistently cite the same descr...
CVE-2026-36906
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
CVE-2026-36906
Cross Site Scripting vulnerability in iotgateway v.3.0.1 allows a remote attacker to execute arbitrary code via the Log Record Function...
The vulnerability of the miEnumattr() function in the fs/ntfs3/record.c module of the Linux file system allows a attacker to access protected information or cause service failures.
The vulnerability of the miEnumattr function in the fs/ntfs3/record.c module of the Linux file system support module is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain access to protected information or cause service failures...
CVE-2025-4892 code-projects Police Station Management System Delete Record source.cpp remove stack-based overflow
A vulnerability was found in code-projects Police Station Management System 1.0. It has been declared as critical. Affected by this vulnerability is the function criminal::remove of the file source.cpp of the component Delete Record. The manipulation of the argument No leads to stack-based buffer...
CVE-2023-0707
A vulnerability was found in SourceCodester Medical Certificate Generator App 1.0. It has been rated as critical. Affected by this issue is the function deleterecord of the file function.php. The manipulation of the argument id leads to sql injection. VDB-220346 is the identifier assigned to this...
PT-2023-16464 · Sourcecodester · Sourcecodester Medical Certificate Generator App
Name of the Vulnerable Software and Affected Versions: SourceCodester Medical Certificate Generator App version 1.0 Description: A critical issue has been found in the function delete record of the file function.php. The manipulation of the argument id leads to SQL injection. Recommendations: For...
CVE-2006-4346
Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to 1 execute code via format string specifiers or 2 overwrite files via directory traversals involving unspecified vectors, as demonstrated by the...
DEBIAN-CVE-2006-4346
Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to 1 execute code via format string specifiers or 2 overwrite files via directory traversals involving unspecified vectors, as demonstrated by the...
CVE-2006-4346
Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to 1 execute code via format string specifiers or 2 overwrite files via directory traversals involving unspecified vectors, as demonstrated by the...
CVE-2006-4346
CVE-2006-4346 affects Asterisk 1.2.10; the Record() function uses client-controlled variables to determine filenames, enabling remote attackers to (1) execute code via format string specifiers and (2) overwrite files through directory traversals (CALLERIDNAME demonstrated). Public sources describ...
CVE-2006-4346
Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to 1 execute code via format string specifiers or 2 overwrite files via directory traversals involving unspecified vectors, as demonstrated by the...
CVE-2006-4346
Asterisk 1.2.10 supports the use of client-controlled variables to determine filenames in the Record function, which allows remote attackers to 1 execute code via format string specifiers or 2 overwrite files via directory traversals involving unspecified vectors, as demonstrated by the...