EUVD-2010-1086

Malware in sbrugna...

CVE-2021-41739

A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000. Attackers can execute OS commands in cyrus.events.php with GET param logs and POST param rp...

PT-2022-11472

Name of the Vulnerable Software and Affected Versions Artica Proxy version 4.30.000000 Description A OS Command Injection issue was discovered, allowing attackers to execute OS commands in cyrus.events.php using the GET param logs and the POST param rp. Recommendations For Artica Proxy version...

Artica Proxy 操作系统命令注入漏洞

Artica Proxy is an open source Artica proxy solution from French company Artica. A security vulnerability exists in Artica Proxy version 4.30.000000, which stems from a lack of filtering and escaping in the application's cyrus.events.php GET parameter logs and POST parameter rp. An attacker can...

BrightSign Digital Signage (4k242) Directory Traversal Vulnerability

The BrightSign Digital Signage 4k242 is a multimedia playback device from BrightSign USA. A directory traversal vulnerability exists in the BrightSign Digital Signage 4k242 using firmware version 6.2.63 and earlier. An attacker can exploit the vulnerability by sending the 'rp' parameter to the...

CVE-2017-17739

The BrightSign Digital Signage 4k242 device Firmware 6.2.63 and below has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files...

Cross site scripting

Cross-site scripting XSS vulnerability in Uniwin eCart Professional before 2.0.16 allows remote attackers to inject arbitrary web script or HTML via the rp parameter to cartView.asp and unspecified other components. NOTE: the provenance of this information is unknown; the details are obtained...