25 matches found
CVE-2025-14566
A security flaw has been discovered in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The impacted element is an unknown function of the file /Profilers/SProfile/reg.php. Performing a manipulation of the argument USN results in sql injection. It is possible to initia...
EUVD-2000-0263
Malware in sbrugna...
Mechrevo Control Center GX V2 安全漏洞
Mechrevo Control Center GX V2 is a system level control software from China-based Mechrevo. A security vulnerability exists in Mechrevo Control Center GX V2 version 5.56.51.48, which originates from an uncontrolled search path in the component reg File Handler...
CVE-2025-7884
A vulnerability classified as problematic was found in Eluktronics Control Center 5.23.51.41. Affected by this vulnerability is an unknown functionality of the component REG File Handler. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack...
CVE-2025-7884 Eluktronics Control Center REG File data authenticity
A vulnerability classified as problematic was found in Eluktronics Control Center 5.23.51.41. Affected by this vulnerability is an unknown functionality of the component REG File Handler. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack...
CVE-2025-7884
CVE-2025-7884 affects Eluktronics Control Center 5.23.51.41, specifically the REG File Handler. The underlying issue is insufficient verification of data authenticity, allowing a local-host attack. Public disclosure exists, and vendor response is noted as lacking. NVD reports a HIGH impact across...
CVE-2025-7884 Eluktronics Control Center REG File data authenticity
A vulnerability classified as problematic was found in Eluktronics Control Center 5.23.51.41. Affected by this vulnerability is an unknown functionality of the component REG File Handler. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack...
Eluktronics Control Center 数据伪造问题漏洞
Eluktronics Control Center is a control center software from Eluktronics Corporation. A data forgery issue vulnerability exists in Eluktronics Control Center version 5.23.51.41, which stems from insufficient validation of data authenticity in the REG File Handler component...
CVE-2025-2602
A vulnerability has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file deactivatereg.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. T...
CVE-2024-42050
The MSI installer for Splashtop Streamer for Windows before 3.7.0.0 uses a temporary folder with weak permissions during installation. A local user can exploit this to escalate privileges to SYSTEM via an oplock on CredProviderInst.reg...
PT-2023-24318 · Unknown · Puneethreddyhc Online Shopping System
Name of the Vulnerable Software and Affected Versions: PuneethReddyHC Online Shopping System Advanced version 1.0 Description: A critical issue affects an unknown functionality of the file /admin/reg.php in the Admin Registration component, leading to improper authentication. This can be exploite...
Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass
Exploit Title: Microsoft Windows .Reg File - Dialog Spoof / Mitigation Bypass Exploit Author: John Page aka hyp3rlinx Website: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFTWINDOWSREGFILEDIALOGSPOOFMITIGATIONBYPASS.txt twitter.com/hyp3rlinx ISR: ApparitionSe...
CVE-2020-16268
The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have a TRANSFORM MST with the option to disable the installation of the Nomad module. An attacker may craf...
CVE-2020-16268
The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have a TRANSFORM MST with the option to disable the installation of the Nomad module. An attacker may craf...
Code injection
The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have a TRANSFORM MST with the option to disable the installation of the Nomad module. An attacker may craf...
CVE-2020-16268
The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have a TRANSFORM MST with the option to disable the installation of the Nomad module. An attacker may craf...
Microsoft Windows - .reg File Dialog Box Message Spoofing
Microsoft Windows - .reg File Dialog Box Message Spoofing + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-.REG-FILE-DIALOG-BOX-MESSAGE-SPOOFING.txt + ISR: ApparitionSec Vendor www.microsoft.com Product A...
Microsoft Windows .Reg File / Dialog Box Message Spoofing
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-.REG-FILE-DIALOG-BOX-MESSAGE-SPOOFING.txt + ISR: ApparitionSec Vendor www.microsoft.com Product A file with the .reg file extension is a Registration file...
IntraLaunch ActiveX控件多个方式不安全调用漏洞
BUGTRAQ ID: 34395 CVECAN ID: CVE-2009-0218 IntraLaunch ActiveX控件允许网页链接本地或跨网络执行Word或PDF等文档所关联的应用程序。 IntraLaunch ActiveX控件(由IntraLaunch.ocx提供)没有限定到特定的域或Internet Explorer区,这允许任何站点都可以在安装了该控件的系统上通过调用该控件导致运行任意代码。 Particle Software IntraLaunch Particle Software -----------------...
Symantec Norton个人防火墙ActiveX控件远程溢出漏洞
Symantec Norton个人防火墙是非常流行的防火墙软件。 Symantec Norton的ActiveX控件实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制用户机器。 Norton个人防火墙的ISLALERT.DLL库中ISAlertDataCOM函数所使用的Get和Set函数没有正确验证输入参数,如果用户受骗浏览了特制的HTML文档的话,就可能触发缓冲区溢出,导致以登录用户的权限执行任意指令。 Symantec Norton Personal Firewall 2004 Symantec Norton Internet Security 2004 临时解决方法:...