65 matches found
EUVD-2000-0054
Malware in sbrugna...
EUVD-2000-0911
Malware in sbrugna...
EUVD-2009-4829
Malware in sbrugna...
EUVD-2007-5563
Malware in sbrugna...
EUVD-2005-4036
Malware in sbrugna...
PT-2025-27538
Name of the Vulnerable Software and Affected Versions: AVTECH DVR devices affected versions not specified Description: An unauthenticated command injection issue exists in AVTECH DVR devices. This is due to the lack of input sanitization when using wget in the "Search.cgi?action=cgi query"...
CVE-2023-21412
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections...
CVE-2023-21412
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections...
Sql injection
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections...
CVE-2023-21412 Non-sanitized user input could lead to SQL injections in AXIS License Plate Verifier
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections...
CVE-2023-21412 Non-sanitized user input could lead to SQL injections in AXIS License Plate Verifier
User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections...
PT-2023-18179 · Axis · Axis License Plate Verifier
Name of the Vulnerable Software and Affected Versions: AXIS License Plate Verifier affected versions not specified Description: The issue concerns unsanitized user-provided input on the "search.cgi" endpoint, allowing for SQL injections. Recommendations: At the moment, there is no information abo...
PT-2023-7486 · Axis · Axis License Plate Verifier
Name of the Vulnerable Software and Affected Versions: AXIS License Plate Verifier affected versions not specified Description: The issue concerns the "search.cgi" file in the AXIS License Plate Verifier, where user-provided input is not properly sanitized, allowing for SQL injections. This could...
VulnCheck KEV: CVE-2025-34054
An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgiquery. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root. Exploitation evidence...
CVE-2018-19191
Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi history parameter, /shell/index.cgi?stripped=1, or the /webminlog/search.cgi uall or mall parameter...
Code injection
Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi history parameter, /shell/index.cgi?stripped=1, or the /webminlog/search.cgi uall or mall parameter...
CVE-2018-19191
Vulnerability (CVE-2018-19191): Webmin 1.890 is vulnerable to a cross-site scripting (XSS) flaw. The flaw allows an unauthenticated, remote attacker to trigger arbitrary script execution in a user’s browser by getting a user to click a specially crafted URL. Affected parameters include /config.cg...
meyerbos.com XSS vulnerability
Open Bug Bounty ID: OBB-671533 Description| Value ---|--- Affected Website:| meyerbos.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
opening.jp XSS vulnerability
Open Bug Bounty ID: OBB-533495 Description| Value ---|--- Affected Website:| opening.jp Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
timetable.waikato.ac.nz XSS vulnerability
Vulnerable URL: https://timetable.waikato.ac.nz/perl-bin/exams/search.cgi Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure Timeline:...