27 matches found
CVE-2026-8364
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
CVE-2026-8359
The CVE concerns Gladinet Triofox on processing requests for /status or /sysinfo, where WOSHttpStatusModule.dll should load to handle the path. The root cause is that WOSHttpStatusModule.dll is not present in the installation, causing the WOSBin_LoadHttpModule export to be NULL and a call to addr...
CVE-2026-8359
When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBinLoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not prese...
EUVD-2026-32646
When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBinLoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not prese...
CVE-2026-8364
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
CVE-2026-8364 Gladinet Triofox Missing Authentication for Critical Functions
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
EUVD-2026-32641
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
CVE-2026-8364 Gladinet Triofox Missing Authentication for Critical Functions
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
CVE-2026-8364
Affected software: Gladinet Triofox Cloud Server Agent (GladServerAgentService.exe). Vulnerability behavior: listens on TCP port 7878 and processes remote HTTP messages with URL paths /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache. Impact: CVSS 3.1 base score 9.8; con...
PT-2026-44093
When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin LoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not...
PT-2026-44098
Name of the Vulnerable Software and Affected Versions Gladinet Triofox Cloud Server Agent affected versions not specified Description Improper handling of remote HTTP messages in the GladServerAgentService.exe, which listens on TCP port 7878, allows unauthenticated attackers to potentially gain...
SUSE CVE-2026-28682
Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, the upload status SSE implementation on /uploadStatus publishes global upload state to any authenticated listener and includes fileid values that are not scoped to the requesting...
PT-2025-49317
Name of the Vulnerable Software and Affected Versions ZSPACE Q2C NAS versions through 1.1.0210050 Description A security flaw exists in ZSPACE Q2C NAS that allows for remote command injection. The issue is located within the zfilev2 api.SafeStatus function of the HTTP POST Request Handler...
EUVD-2025-37922
OSSN Open Source Social Network 8.6 is vulnerable to SQL Injection in /action/rtcomments/status via the timestamp parameter...
CVE-2025-34161
creationtimestamp| type| source ---|---|--- 2025-08-27 17:04:20+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115101811324852634 2025-08-28 14:12:20+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/49385 2025-08-30 21:02:29+00:00| seen|...
Linux Distros Unpatched Vulnerability : CVE-2019-8429
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php filterQueryterms0cnj parameter. CVE-2019-8429 Note that Nessus relies on the presence of the...
PHPGurukul Restaurant Table Booking System 安全漏洞
PHPGurukul Restaurant Table Booking System is a restaurant table booking system from PHPGurukul. A security vulnerability exists in PHPGurukul Restaurant Table Booking System v1.0, which originates from a SQL injection in the searchdata parameter in /rtbs/check-status.php...
Bohua NetDragon Firewall 注入漏洞
Bohua NetDragon Firewall is a firewall from Bohua. An injection vulnerability exists in Bohua NetDragon Firewall version 1.0, which stems from improper handling of the parameter subnet in the file /systemstatus/ipstatus.php, which could lead to command injection...
VulnCheck KEV: CVE-2024-11305
A vulnerability classified as critical was found in Altenergy Power Control Software up to 20241108. This vulnerability affects the function getstatuszigbee of the file /index.php/display/statuszigbee. The manipulation of the argument date leads to sql injection. The attack can be initiated...
DEBIAN-CVE-2023-38323
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbitrary OS commands...