Lucene search
K

11 matches found

CNNVD
CNNVD
added 2026/03/13 12:0 a.m.5 views

WordPress plugin WOLF SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. WordPress...

7.6CVSS5.9AI score0.00224EPSS
Exploits0References1
NVD
NVD
added 2026/03/09 6:16 p.m.4 views

CVE-2025-70039

An issue pertaining to CWE-78: Improper Neutralization of Special Elements used in an OS Command was discovered in linagora Twake v2023.Q1.1223...

9.8CVSS0.0038EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.9 views

Linksys MR9600和Linksys MX4200 安全漏洞

The Linksys MR9600 and Linksys MX4200 are both products of the American company Linksys. The Linksys MR9600 is a wireless router. The Linksys MX4200 is a mesh network router. Both the Linksys MR9600 version 1.0.4.205530 and the Linksys MX4200 version 1.0.13.210200 have security vulnerabilities,...

9.8CVSS5.9AI score0.0032EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/03/31 12:0 a.m.5 views

The vulnerability of the itc_hash_compare component in the Virtuoso-OpenSource web application development platform allows a attacker to trigger a service failure.

The vulnerability of the itchashcompare component in the Virtuoso-opensource web application development platform is related to the improper elimination of special elements used in SQL commands. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially...

7.8CVSS7.3AI score0.00551EPSS
Exploits1References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/10/30 12:0 a.m.8 views

The software’s vulnerability regarding backup and disaster recovery in HBS 3 Hybrid Backup Sync. This allows a hacker to execute arbitrary commands on QNAP network devices.

The vulnerability of the HBS 3 Hybrid Backup Sync software regarding backup and disaster recovery operations is related to the lack of measures taken to neutralize special elements used in the operating system. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS8.1AI score0.02313EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/19 12:0 a.m.7 views

The vulnerability of the lxmldbc_system() function in D-Link DIR-859 router software allows a hacker to execute arbitrary commands.

The vulnerability of the lxmldbcsystem function in D-Link DIR-859 router microprogramming software is related to the lack of measures to neutralize special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

6.3CVSS8.1AI score0.0302EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/09/15 12:0 a.m.5 views

Ncode Ncep SQL Injection Vulnerability

Ncode Ncep is an application from Ncode, Inc. A SQL injection vulnerability exists in versions prior to Ncode Ncep 20230914 that stems from improper neutralization of special elements...

9.8CVSS7.9AI score0.00534EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/07/13 12:0 a.m.6 views

The vulnerability of the outputFunctionName function in the Node.js web application framework allows a attacker to execute arbitrary commands.

The vulnerability of the outputFunctionName function in the Node.js web application framework is related to incorrect elimination of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

10CVSS7.2AI score0.32386EPSS
Exploits5References5Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/03/28 12:0 a.m.6 views

The vulnerability in the implementation of the oal_setIp6DefaultRoute() function in the libcmm.so module of the TP-Link TL-WR840N (ES) router’s software allows a attacker to execute arbitrary commands.

The vulnerability in the implementation of the oalsetIp6DefaultRoute function in the libcmm.so module of the TP-Link TL-WR840N ES router’s software lies in the failure to properly handle special elements when processing the ifName argument. Exploiting this vulnerability allows an attacker to...

6.3CVSS8.1AI score0.72495EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/07/20 12:0 a.m.8 views

The vulnerability of the command-line interface of the FortiWAN traffic balancing system allows a attacker to increase their privileges.

The vulnerability of the command-line interface of the FortiWAN traffic balancing system exists because measures to neutralize special elements used in the operating system’s command line are not taken. Exploiting this vulnerability can allow attackers to increase their privileges...

7.8CVSS5.5AI score0.00788EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2019/04/04 12:0 a.m.4 views

The vulnerability of the IMAP component of the PHP programming language interpreter allows attackers to execute arbitrary commands on the operating system.

The vulnerability of the IMAP component of the PHP programming language interpreter is related to insufficient neutralization of special elements. Exploiting this vulnerability allows a remote attacker to execute arbitrary operating system commands...

8.5CVSS7AI score0.9523EPSS
Exploits6References8Affected Software3
Rows per page
Query Builder