37 matches found
CVE-2026-8426
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepareremoteupgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and force its upgrade method to...
Cross-site Request Forgery (CSRF)
Overview concrete5/concrete5 is a concrete5 open source CMS. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the /dashboard/extend/update/prepareremoteupgrade/ process. An attacker can execute arbitrary code as the web server user by tricking an authenticat...
CVE-2026-8426 Concrete CMS 9.5.0 and below is vulnerable to CSRF on prepare_remote_upgrade() leading to one-request RCE via package overwrite
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepareremoteupgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and force its upgrade method to...
CVE-2026-8426
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepareremoteupgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and force its upgrade method to...
CVE-2026-8426 Concrete CMS 9.5.0 and below is vulnerable to CSRF on prepare_remote_upgrade() leading to one-request RCE via package overwrite
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepareremoteupgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and force its upgrade method to...
EUVD-2026-31337
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepareremoteupgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and force its upgrade method to...
CVE-2026-8426
Concrete CMS 9.5.0 and earlier fails to validate a CSRF token for requests to /dashboard/extend/update/prepare_remote_upgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and trigger the upgrade() method in a single b...
PT-2026-42548
Concrete CMS 9.5.0 and below does not validate a CSRF token before processing requests to /dashboard/extend/update/prepare remote upgrade/. An attacker who controls the remote package returned for a known marketplace item ID can overwrite the package PHP on disk and force its upgrade method to...
EUVD-2026-26775
A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This impacts the function platformdoupgradecameodev of the file cameodev.sh of the component Firmware Update Handler. Performing a manipulation results in insufficient verification of data authenticity. The attack is possible to be...
HP Color LaserJet Missing Authentication for Critical Function (CVE-2004-2439)
The remote upgrade capability in HP LaserJet 4200 and 4300 printers does not require a password, which allows remote attackers to upgrade firmware. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable,...
CVE-2026-3731
CVE-2026-3731 affects libssh up to version 0.11.3, specifically the SFTP Extension Name Handler in src/sftp.c (functions sftp_extensions_get_name and sftp_extensions_get_data). Manipulating the idx argument can trigger an out-of-bounds read, with the threat potentially remote. The issue is addres...
CVE-2026-3612
A vulnerability was determined in Wavlink WL-NU516U1 V240425. This affects the function sub405AF4 of the file /cgi-bin/adm.cgi of the component OTA Online Upgrade. This manipulation of the argument firmwareurl causes command injection. It is possible to initiate the attack remotely. The exploit h...
EUVD-2004-2430
Malware in sbrugna...
EUVD-2017-17041
Malware in sbrugna...
EUVD-2007-2370
Malware in sbrugna...
EUVD-2018-10320
Malware in sbrugna...
EUVD-2015-1104
Malware in sbrugna...
EUVD-2025-4254
Malicious code in bioql PyPI...
EUVD-2021-34111
Malicious code in bioql PyPI...
CVE-2020-36660 paxswill EVE Ship Replacement Program User Information api.py information disclosure
A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may ...