19630 matches found
CVE-2021-47853
phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...
CVE-2025-36588
Dell Unisphere for PowerMax, versions 10.2.0.x, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...
CVE-2025-36588
Dell Unisphere for PowerMax, versions 10.2.0.x, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...
CVE-2025-36588
Dell Unisphere for PowerMax, versions 10.2.0.x, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution...
CVE-2026-1327
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be...
CVE-2026-1324
A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os...
CVE-2026-1327
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be...
CVE-2026-1324
A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os...
CVE-2026-1327 Totolink NR1800X POST Request cstecgi.cgi setTracerouteCfg command injection
A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Such manipulation of the argument command leads to command injection. The attack can be...
CVE-2026-1327
CVE-2026-1327 affects Totolink NR1800X with version 9.1.0u.6279_B20210910. The vulnerability is in the POST Request Handler’s function setTracerouteCfg in /cgi-bin/cstecgi.cgi, where argument manipulation leads to a command injection. It is described as exploitable remotely and the exploit has be...
CVE-2026-1326
Totolink NR1800X (firmware 9.1.0u.6279_B20210910) is affected by CVE-2026-1326. The vulnerability exists in the POST Request Handler’s /cgi-bin/cstecgi.cgi function setWanCfg, where manipulating the Hostname argument can trigger a command injection. The issue can be exploited remotely and the exp...
CVE-2026-1326
A weakness has been identified in Totolink NR1800X 9.1.0u.6279B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes command injection. The attack can be initiated...
CVE-2026-1326 Totolink NR1800X POST Request cstecgi.cgi setWanCfg command injection
A weakness has been identified in Totolink NR1800X 9.1.0u.6279B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes command injection. The attack can be initiated...
CVE-2026-1324
Summary: CVE-2026-1324 affects Sangfor Operation and Maintenance Management System (
EVMAPA
RISK EVALUATION Successful exploitation of these vulnerabilities could lead to degraded service, a denial-of-service, or unauthorized remote command execution, which could lead to spoofing or a manipulation of charging station statuses. 2. RECOMMENDED PRACTICES CISA recommends users take...
SUSE CVE-2021-47853
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
PT-2026-3949
Name of the Vulnerable Software and Affected Versions Dell Unisphere for PowerMax versions 10.2.0.x Description Dell Unisphere for PowerMax versions 10.2.0.x contain an Improper Neutralization of Special Elements used in an SQL Command vulnerability, also known as 'SQL Injection'. A low privilege...
PT-2026-3936
A weakness has been identified in Totolink NR1800X 9.1.0u.6279 B20210910. This vulnerability affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument Hostname causes command injection. The attack can be initiated...
VulnCheck KEV: CVE-2025-8829
A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. Affected by this vulnerability is the function umred of the file /goform/RPsetBasicAuto. The manipulation of the argument hname leads to os command injection. The attack can be launched...
VulnCheck KEV: CVE-2025-7407
A vulnerability, which was classified as critical, was found in Netgear D6400 1.0.0.114. This affects an unknown part of the file diag.cgi. The manipulation of the argument hostname leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to th...