13 matches found
EUVD-2018-21786
ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing parameter. Attackers can craft requests to the index.php endpoint with malicious function parameters to execute system...
CVE-2018-25270
ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing parameter. Attackers can craft requests to the index.php endpoint with malicious function parameters to execute system...
CVE-2018-25270
ThinkPHP 5.0.23 remote code execution via invokefunction: unauthenticated attackers can craft requests to index.php with malicious function parameters to execute arbitrary PHP code with application privileges. Impacted component is ThinkPHP 5.0.23 routing invokefunction pathway. CVSS metrics in t...
CVE-2018-25270 ThinkPHP 5.0.23 Remote Code Execution via invokefunction
ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing parameter. Attackers can craft requests to the index.php endpoint with malicious function parameters to execute system...
CVE-2018-25270
ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing parameter. Attackers can craft requests to the index.php endpoint with malicious function parameters to execute system...
CVE-2026-34798
Endian Firewall version 3.3.25 and prior allow stored cross-site scripting XSS via the remark parameter to /cgi-bin/routing.cgi. An authenticated attacker can inject arbitrary JavaScript that is stored and executed when other users view the affected page...
EUVD-2007-0910
Malware in sbrugna...
EUVD-2004-2655
Malware in sbrugna...
Linksys多款产品 安全漏洞
Linksys RE6250 and others are a wireless extender from Linksys USA. A security vulnerability exists in various Linksys products, which stems from improper manipulation of the RIPmode and RIPpasswd parameters by the setRIP function, which may result in a stack buffer overflow. The following produc...
Zend Framework < 2.0.8 / 2.1.x < 2.1.4 Multiple Vulnerabilities
Binary data 9146.prm...
Code injection
Unspecified vulnerability in the Address and Routing Parameter Area ARPA transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors. NOTE: this is probably different from CVE-2007-0916, but this is not certain due to lack ...
Code injection
Unspecified vulnerability in the Address and Routing Parameter Area ARPA transport functionality in HP-UX B.11.11, B.11.23, and B.11.31 allows remote attackers to cause an unspecified denial of service via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Address and Routing Parameter Area ARPA transport functionality in HP-UX B.11.11 and B.11.23 allows local users to cause an unspecified denial of service via unknown vectors...