20 matches found
FlowChief ScadaApp Security Vulnerability
FlowChief ScadaApp is an industrial-grade mobile application developed by the German company FlowChief. Version 1.1.4.0 of FlowChief ScadaApp contains a security vulnerability. This vulnerability allows attackers to cause the application to crash by entering an excessively long buffer value in th...
CVE-2019-25311 thesystem Persistent XSS
thesystem version 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through multiple server data input fields. Attackers can submit crafted script payloads in operating_system, system_owner, system_username, system_password,...
CVE-2019-25311
The CVE concerns thesystem version 1.0, which contains a persistent cross-site scripting (XSS) vulnerability. Attackers can inject malicious scripts via multiple server input fields, specifically operating_system, system_owner, system_username, system_password, system_description, and server_name...
RaidenFTPD Server <= 2.4.4005 Buffer Overflow Vulnerability
RaidenFTPD v.2.4 build 4005 allows a local attacker to execute arbitrary code via the Server name field of the step by step setup wizard. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right...
CVE-2025-62801
FastMCP is the standard framework for building MCP applications. In versions prior to 2.13.0, a command-injection vulnerability lets any attacker who can influence the server_name field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor. This vulnerability is fix...
EUVD-2025-36567
FastMCP vulnerable to Windows command injection in FastMCP Cursor installer via server_name...
Command Injection
Overview: fastmcp is the fast, Pythonic way to build MCP servers and clients. Affected versions of this package are vulnerable to Command Injection via the server_name field. An attacker can execute arbitrary OS commands by supplying crafted input to this field during the installation process on...
CVE-2025-62801
FastMCP is the standard framework for building MCP applications. In versions prior to 2.13.0, a command-injection vulnerability lets any attacker who can influence the server_name field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor. This vulnerability is fix...
CVE-2025-62801 FastMCP vulnerable to Windows command injection in FastMCP Cursor installer via server_name
FastMCP is the standard framework for building MCP applications. In versions prior to 2.13.0, a command-injection vulnerability lets any attacker who can influence the server_name field of an MCP execute arbitrary OS commands on Windows hosts that run fastmcp install cursor. This vulnerability is fix...
FastMCP Operating System Command Injection Vulnerability
FastMCP is an MCP server builder from the individual developer Jeremiah Lowin. An operating system command injection vulnerability exists in FastMCP versions prior to 2.13.0, which stems from the server_name field being susceptible to a command injection attack that could result in the executio...
PT-2024-31788
Name of the Vulnerable Software and Affected Versions: Envoy versions prior to 1.28.7; Envoy versions prior to 1.29.9; Envoy versions prior to 1.30.6; Envoy versions prior to 1.31.2. Description: A vulnerability has been identified in Envoy that allows malicious attackers to inject unexpected content...
Tenda AX1803 Security Vulnerability
Tenda AX1803 is a dual-band Gigabit Wi-Fi 6 router from Tenda, China. The Tenda AX1803 version 1.0.0.1 suffers from a buffer overflow vulnerability that originates from the parameters serverName/ddnsUser/ddnsPwd/ddnsDomain failing to correctly validate the length and size of the input data, which can...
CVE-2023-39063
Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard...
CVE-2023-39063
Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard...
RaidenFTPD Security Vulnerability
RaidenFTPD is an easy-to-use FTP daemon for Windows. A security vulnerability exists in RaidenFTPD version 2.4.4005, which stems from a buffer overflow vulnerability. The vulnerability can be exploited to execute arbitrary code via the Server name field of the step-by-step setup wizard...
CVE-2023-39063
Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard...
CVE-2023-39063
Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard...
CVE-2021-35475
SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties...
Wibu-Systems CodeMeter Cross-Site Scripting Vulnerability
Wibu-Systems CodeMeter is a suite of anti-piracy protection products from Wibu-Systems for software protection against piracy and unsecured software. The product uses encryption technology and a small USB hardware device, CmStick, which has a built-in SmartCard chip with 128KB of secure memory fo...
CVE-2017-13754
Cross-site scripting (XSS) vulnerability in the "advanced settings - time server" module in Wibu-Systems CodeMeter before 6.50b allows remote attackers to inject arbitrary web script or HTML via the "server name" field in actions/ChangeConfiguration.html...