PT-2025-34521 · Linksys · Linksys Re6300 +5

Name of the Vulnerable Software and Affected Versions: Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 versions 1.0.013.001 through 1.2.07.001 Description: A vulnerability exists in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 routers. The langSwitchByBBS function within th...

CVE-2020-19213

SQL Injection vulnerability in catmove.php in piwigo v2.9.5, via the selection parameter to movecategories...

Ubuntu 24.04 LTS. : curl vulnerabilities (USN-6718-3)

The remote Ubuntu 24.04 LTS. host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6718-3 advisory. USN-6718-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 24.04 LTS. Tenable has extracted the preceding...

DEBIAN-CVE-2024-2004

When a protocol selection parameter option disables all protocols without adding any then the default set of protocols would remain in the allowed set due to an error in the logic for removing protocols. The below command would perform a request to curl.se with a plaintext protocol which has been...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : curl vulnerabilities (USN-6718-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6718-1 advisory. Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols...

Piwigo cat_move.php SQL Injection Vulnerability

Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management. Piwigo catmove.php SQL injection vulnerability , an attacker can use the vulnerability through the selection parameter can be injected...

Sql injection

SQL Injection vulnerability in catmove.php in piwigo v2.9.5, via the selection parameter to movecategories...

CVE-2014-8555

Directory traversal vulnerability in report/reportViewAction.jsp in Progress Software OpenEdge 11.2 allows remote attackers to read arbitrary files via a .. dot dot in the selection parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in tasks.php in WebCollab before 2.50 aka Billy Goat allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action...

CVE-2009-1454

Cross-site scripting XSS vulnerability in tasks.php in WebCollab before 2.50 aka Billy Goat allows remote attackers to inject arbitrary web script or HTML via the selection parameter in a todo action...