CVE-2026-40825

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

CVE-2026-40824

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

CVE-2026-40824 Authenticated SQLi in accountstatus view

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

PT-2026-43563

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table...

CVE-2026-34926

CVE-2026-34926 concerns the on‑premise Apex One server, where a directory traversal flaw could let a pre‑authenticated local attacker with admin access modify a server key table to inject code that is deployed to agents. The vulnerability is limited to the on‑premise deployment; no public exploit...

EUVD-1999-0254

Malware in sbrugna...

EUVD-2004-0125

Malware in sbrugna...

Joomla! 2.5.x < 3.9.20 Multiple Vulnerabilities

According to its self-reported version, the instance of Joomla! running on the remote web server is 2.5.x prior to 3.9.20. It is, therefore, affected by multiple vulnerabilities. - A missing token check in the ajaxinstall endpoint cominstaller causes a CSRF vulnerability. - Missing validation...

[20200704] - Core - Variable tampering via user table class

Internal read-only fields in the User table class could be modified by users...

Guojiz Change Password Interface Has Arbitrary User Privilege Vulnerability

Guojiz is a light community system based on layui front-end framework and thinkphp. Guojiz password change interface has any user privilege vulnerability, an attacker can use this vulnerability to modify any user's data table information, so as to enhance their own or other people's privileges...

CVE-2019-11661

Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data...

Netopia R-series Routers 4.6.2 - Modifying SNMP Tables

Netopia R-series Routers 4.6.2 - Modifying SNMP Tables source: https://www.securityfocus.com/bid/1177/info All R-series platforms with firmware between 4.3.8 and 4.6.2 inclusive allow users who already have access to the router to modify SNMP tables which they should not be able to access. The...