Lucene search
+L

100 matches found

Cvelist
Cvelist
added 2023/12/01 12:0 a.m.25 views

CVE-2023-48842

D-Link Go-RT-AC750 revAv101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi...

10AI score0.03745EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/12/01 12:0 a.m.6 views

D-Link Go-RT-AC750 安全漏洞

The D-Link GO-RT-AC750 is a wireless dual-band simple router from China's AUO D-Link. A command injection vulnerability exists in the D-Link Go-RT-AC750 revAv101b03 version, which stems from the service parameter of hedwig.cgi failing to correctly filter the construct command special characters,...

9.8CVSS8.2AI score0.03745EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/10/26 12:0 a.m.5 views

Packers and Movers Management System SQL Injection Vulnerability

Packers and Movers Management System is a Packers and Movers Management System by Carlo Montero Individual Developer. A security vulnerability exists in Sourcecodester Packers and Movers Management System v1.0, which stems from a SQL injection vulnerability in the parameter p=services/viewservice...

9.8CVSS8AI score0.00629EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/10/23 12:0 a.m.10 views

CVE-2023-46059

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...

6.3AI score0.00596EPSS
Exploits1References1
OSV
OSV
added 2023/10/23 12:0 a.m.17 views

CVE-2023-46059

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...

4.8CVSS6.5AI score0.00596EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/10/23 12:0 a.m.19 views

CVE-2023-46059

Cross Site Scripting XSS vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component...

5.3AI score0.00596EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2023/09/20 12:0 a.m.6 views

PT-2023-27543 · Openknowledgemaps · Openknowledgemaps Head Start

Name of the Vulnerable Software and Affected Versions: OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 Visual Project Explorer version 1.0 Description: A reflected cross-site scripting XSS issue allows remote attackers to execute arbitrary JavaScript in the web browser of a user. This is achieve...

6.1CVSS6.1AI score0.00512EPSS
Exploits1References8
NVD
NVD
added 2023/06/15 9:15 p.m.14 views

CVE-2023-34800

D-Link Go-RT-AC750 revAv101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgimain...

9.8CVSS9.8AI score0.29348EPSS
Exploits1References2
Prion
Prion
added 2023/06/15 9:15 p.m.17 views

Command injection

D-Link Go-RT-AC750 revAv101b03 was discovered to contain a command injection vulnerability via the service parameter at genacgimain...

7.5CVSS9.8AI score0.29348EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2023/06/15 12:0 a.m.11 views

PT-2023-3363 · D Link · D-Link Go-Rt-Ac750

Name of the Vulnerable Software and Affected Versions: D-Link Go-RT-AC750 revA v101b03 Description: The issue is related to a command injection vulnerability. It can be exploited via the service parameter at genacgi main, allowing a remote attacker to execute arbitrary commands. The vulnerability...

9.8CVSS8.1AI score0.29348EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/05/20 12:0 a.m.19 views

Dental Clinic Appointment Reservation System 跨站脚本漏洞

Dental Clinic Appointment Reservation System is a Dental Clinic Appointment Reservation System by jkev Personal Developer. A cross-site scripting vulnerability exists in SourceCodester Dental Clinic Appointment Reservation System version 1.0 due to an unknown function in the file /admin/service.p...

6.1CVSS4.1AI score0.0057EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/04/25 12:0 a.m.3 views

Git 注入漏洞

GIT is a revision control system. GIT suffers from a service parameter injection vulnerability that can be exploited by an attacker to execute arbitrary code from a distance...

7.8CVSS8.1AI score0.06079EPSS
Exploits2References19
NVD
NVD
added 2023/04/01 11:15 p.m.23 views

CVE-2023-26822

D-Link Go-RT-AC750 revAv101b03 was discovered to contain a command injection vulnerability via the service parameter at soapcgi.main...

9.8CVSS9.8AI score0.0337EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.3 views

SUSE CVE-2013-4955

Open redirect vulnerability in the login page in Puppet Enterprise before 3.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the service parameter...

5.8CVSS6.7AI score0.01128EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/01/17 12:0 a.m.7 views

D-LINK DIR 645A1 缓冲区错误漏洞

The D-LINK DIR 645A1 is a wireless router from China-based AUO D-LINK. The D-LINK DIR 645A1 1.06B01Beta01 suffers from a buffer error vulnerability that originates from a stack overflow via the service= variable in the genacgimain function...

9.8CVSS7.5AI score0.09529EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.8 views

PT-2023-14624 · Archibus · Archibus Web Central

Name of the Vulnerable Software and Affected Versions: Archibus Web Central version 2022.03.01.107 Description: An issue was discovered in the application where a service accepts user-controlled parameters to act on the data returned to the user. This allows a basic user to access data unrelated ...

6.5CVSS6.9AI score0.00481EPSS
Exploits0References6
OSV
OSV
added 2022/12/30 9:15 p.m.5 views

CVE-2022-46588

TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the sysservice parameter in the setupwizardmydlink sub4104B8 function...

9.8CVSS5.8AI score0.00873EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/12/30 12:0 a.m.5 views

TRENDnet TEW-755AP 缓冲区错误漏洞

The TRENDnet TEW-755AP is a router from TRENDnet. The TRENDnet TEW-755AP suffers from a stack overflow vulnerability that stems from a lack of size checking of input data in the sysservice parameter of the setupwizardmydlink sub4104B8 function, which can be exploited by an attacker to execute...

9.8CVSS7.9AI score0.00873EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/30 12:0 a.m.8 views

PT-2022-27924 · Trendnet · Trendnet Tew755Ap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW755AP version 1.13B01 Description: A command injection issue was found in the setup wizard mydlink function, specifically via the sys service parameter in the sub 4104B8 function. Recommendations: For TRENDnet TEW755AP version...

9.8CVSS9.7AI score0.02291EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2022/12/30 12:0 a.m.9 views

CVE-2022-46588

TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the sysservice parameter in the setupwizardmydlink sub4104B8 function...

7.8AI score0.00873EPSS
Exploits1References1
Rows per page
Query Builder