Gridx 1.3 - Remote Code Execution

Gridx 1.3 is susceptible to remote code execution via tests/support/stores/testgridfilter.php, which allows remote attackers to execute arbitrary code via crafted values submitted to the $query parameter. id: CVE-2020-19625 info: name: Gridx 1.3 - Remote Code Execution author: geeknik severity:...

Onkyo TX-NR585 Web Interface - Directory Traversal

Onkyo TX-NR585 1000-0000-000-0008-0000 devices allows remote unauthenticated users on the network to read sensitive files via %2e%2e%2f directory traversal and local file inclusion. id: CVE-2020-12447 info: name: Onkyo TX-NR585 Web Interface - Directory Traversal author: 0xAkoko severity: high...

ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripting

A cross-site scripting vulnerability in clickdesk.php in ClickDesk Live Support - Live Chat plugin 2.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via the cdwidgetid parameter. id: CVE-2011-5181 info: name: ClickDesk Live Support Live Chat 2.0 - Cross-Site Scripti...

Joomla! Component Property - Local File Inclusion

A directory traversal vulnerability in the Real Estate Property comproperties component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1875 info: name: Joomla...

Liferay Portal & DXP - Cross-Site Scripting

Liferay Portal 7.4.0 through 7.4.3.133 and Liferay DXP 2024.Q1.1 through 2025.Q1.4 contain a reflected XSS caused by improper sanitization in entrycoverimagecaption.jsp, letting remote non-authenticated attackers inject JavaScript. id: CVE-2025-4576 info: name: Liferay Portal & DXP - Cross-Site...

Dify v1.6.0 - Server-Side Request Forgery

Dify v1.6.0 contains a server side request forgery caused by improper validation in controllers.console.remotefiles.RemoteFileUploadApi, letting attackers make arbitrary requests from the server, exploit requires network access. id: CVE-2025-56520 info: name: Dify v1.6.0 - Server-Side Request...

Commvault - SSRF via /commandcenter/deployWebpackage.do

A path traversal vulnerability in Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files, which, when expanded by the target server, result in Remote Code Execution. This issue affects Command Center Innovation Release: 11.38. id: CVE-2025-34028 info: name...

Xinuo Openserver 5/6 - Cross-Site scripting

Xinuo formerly SCO Openserver versions 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section' and is vulnerable to reflected cross-site scripting. id: CVE-2020-25495 info: name: Xinuo Openserver 5/6 - Cross-Site scripting author: 0xAkoko severity:...

XXL-JOB v2.2.0 — Stored Cross Site Scripting

Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file. id: CVE-2020-23814 info: name: XXL-JOB v2.2.0 — Stored Cross Site Scripting author:...

Pinger 1.0 - Remote Code Execution

Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters. id:...

Prestashop AttributeWizardPro Module - Arbitrary File Upload

In the Attribute Wizard addon 1.6.9 for PrestaShop allows remote attackers to execute arbitrary code by uploading a php file. id: CVE-2018-10942 info: name: Prestashop AttributeWizardPro Module - Arbitrary File Upload author: MaStErChO severity: critical description: | In the Attribute Wizard add...

Pandora FMS <=7.0NG.722 - Remote Code Execution

Pandora FMS versions =7.0NG.722 are vulnerable to unauthenticated remote code execution by chaining an unrestricted file upload CVE-2018-11221 and a local file inclusion CVE-2018-11222. An attacker can upload a malicious PHP file as a plugin and execute it via LFI, leading to full compromise of t...

Mage AI - Insecure Default Authentication Setup

A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability i...

Code-Projects School Fees Payment System 1.0 - SQL Injection

A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

Jinher OA - SQL Injection

jinher jinheroa is an office automation software that facilitates workflow management and collaboration within organizations. It sits in the enterprise layer of the tech stack, is typically deployed as selfhosted, and—within the informationtechnology industry—serves the businessapps domain. id:...

Casdoor - Authorization Bypass

Casdoor up to 1.811.0 contains an authorization bypass caused by manipulation in HandleScim function in controllers/scim.go, letting remote attackers bypass authorization, exploit requires remote access. id: CVE-2025-4210 info: name: Casdoor - Authorization Bypass author: theamanrawat severity:...

Cockpit CMS 0.6.1 - Remote Code Execution

Cockpit before 0.6.1 allows an attacker to inject custom PHP code and achieve Remote Command Execution via registerCriteriaFunction in lib/MongoLite/Database.php, as demonstrated by values in JSON data to the /auth/check or /auth/requestreset URI. id: CVE-2020-35131 info: name: Cockpit CMS 0.6.1 ...

MCP Inspector < 0.14.0 UnauthenticatedRemote Code Execution

The MCP inspector is a developer tool for testing and debugging MCP servers. Versions of MCP Inspector below 0.14.1 are vulnerable to remote code execution due to lack of authentication between the Inspector client and proxy, allowing unauthenticated requests to launch MCP commands over stdio. id...

MikoPBX - Unrestricted File Upload

MikoPBX through 2024.1.114 contains an authenticated unrestricted file upload vulnerability caused by allowing PHP script uploads in PBXCoreREST/Controllers/Files/PostController.php. id: CVE-2025-52207 info: name: MikoPBX - Unrestricted File Upload author: darses severity: critical description: |...

Cisco IOS XE WLC - Arbitrary File Upload

A vulnerability in the Out-of-Band Access Point AP Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.This vulnerability is due to the presence of a hard-coded JSON Web...