11 matches found
WordPress plugin WOLF SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. WordPress...
CVE-2025-70039
An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...
Linksys MR9600和Linksys MX4200 安全漏洞
The Linksys MR9600 and Linksys MX4200 are both products of the American company Linksys. The Linksys MR9600 is a wireless router. The Linksys MX4200 is a mesh network router. Both the Linksys MR9600 version 1.0.4.205530 and the Linksys MX4200 version 1.0.13.210200 have security vulnerabilities,...
The vulnerability of the itc_hash_compare component in the Virtuoso-OpenSource web application development platform allows a attacker to trigger a service failure.
The vulnerability of the itchashcompare component in the Virtuoso-opensource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially...
The software’s vulnerability regarding backup and disaster recovery in HBS 3 Hybrid Backup Sync. This allows a hacker to execute arbitrary commands on QNAP network devices.
The vulnerability of the HBS 3 Hybrid Backup Sync software regarding backup and disaster recovery operations is related to the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the lxmldbc_system() function in D-Link DIR-859 router software allows a hacker to execute arbitrary commands.
The vulnerability of the lxmldbcsystem function in D-Link DIR-859 router microprogramming software is related to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
Ncode Ncep SQL Injection Vulnerability
Ncode Ncep is an application from Ncode, Inc. A SQL injection vulnerability exists in versions prior to Ncode Ncep 20230914 that stems from improper neutralization of special elements...
The vulnerability of the outputFunctionName function in the Node.js web application framework allows a attacker to execute arbitrary commands.
The vulnerability of the outputFunctionName function in the Node.js web application framework is related to incorrect elimination of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability in the implementation of the oal_setIp6DefaultRoute() function in the libcmm.so module of the TP-Link TL-WR840N (ES) router’s software allows a attacker to execute arbitrary commands.
The vulnerability in the implementation of the oalsetIp6DefaultRoute function in the libcmm.so module of the TP-Link TL-WR840N ES router’s software lies in the failure to properly handle special elements when processing the ifName argument. Exploiting this vulnerability allows an attacker to...
The vulnerability of the command-line interface of the FortiWAN traffic balancing system allows a attacker to increase their privileges.
The vulnerability of the command-line interface of the FortiWAN traffic balancing system exists because measures to neutralize special elements used in the operating system’s command line are not taken. Exploiting this vulnerability can allow attackers to increase their privileges...
The vulnerability of the IMAP component of the PHP programming language interpreter allows attackers to execute arbitrary commands on the operating system.
The vulnerability of the IMAP component of the PHP programming language interpreter is related to insufficient neutralization of special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary operating system commands...