28 matches found
CVE-2026-41901
Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression execution mechanisms of Thymeleaf. Although the library provides mechanisms to avoid the execution of potentially dangerous...
EUVD-2026-25341
OpenClaw before 2026.3.31 contains an environment variable leakage vulnerability in SSH-based sandbox backends that pass unsanitized process.env to child processes. Attackers can exploit this by leveraging non-default SSH environment forwarding configurations to leak sensitive environment variabl...
Arbitrary Argument Injection
Overview Affected versions of this package are vulnerable to Arbitrary Argument Injection through the Runner.exec process. An attacker can execute arbitrary OS commands on the server by uploading or renaming a file with a crafted filename containing shell metacharacters, which are unsafely...
CVE-2026-33909 OpenEMR Vulnerable to SQL Injection via Unsanitized Variables in MedEx Recall/Reminder Processing
OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, several variables in the MedEx recall/reminder processing code are concatenated directly into SQL queries without parameterization or type casting, enabling SQL...
CVE-2026-32298 Angeet ES3 KVM OS command injection
The Angeet ES3 KVM does not properly sanitize user-supplied variables parsed by the 'cfg.lua' script, allowing an authenticated attacker to execute OS-level commands...
EUVD-2008-4088
Malware in sbrugna...
SUSE CVE-2017-12061
An XSS issue was discovered in admin/install.php in MantisBT before 1.3.12 and 2.x before 2.5.2. Some variables under user control in the MantisBT installation script are not properly sanitized before being output, allowing remote attackers to inject arbitrary JavaScript code, as demonstrated by...
nodejs-underscore: Arbitrary code execution via the template function
A flaw was found in nodejs-underscore. Arbitrary code execution via the template function is possible, particularly when a variable property is passed as an argument as it is not sanitized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...
Nagios XI 5.7.5 Remote Code Execution Exploit
nagios-xi-5.7.5-bugs Bugs reported to Nagios XI CVE-2021-25296 Code Location /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php Code snippet php if !empty$pluginoutputlen $diskwmicommand .= " --forcetruncateoutput " . $pluginoutputlen; $servicewmicommand .= "...
CVE-2015-4615
Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables...
CVE-2015-4615
CVE-2015-4615 affects the Easy2Map-Photos WordPress Plugin (v1.0.9). The vulnerability is an SQL Injection via unsanitized inputs including mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML, and mapID, caused by non-parameterized SQL queries in Functions.php....
drupal -- Drupal Core - Multiple Vulnerabilities
Drupal Security Team reports: he path module allows users with the 'administer paths' to create pretty URLs for content. In certain circumstances the user can enter a particular path that triggers an open redirect to a malicious url.The issue is mitigated by the fact that the user needs the...
phpBB Static Topics <= 1.0 [phpbb_root_path] File Include Vulnerability
No description provided by source. --------------------------------------------------------------------------- phpBB Static Topics = 1.0 phpbbrootpath Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Securi...
Simple Free PHP Forum Script <= SQL Injection Vulnerability
No description provided by source. Exploit Title: Simple Free PHP Forum Script = 1 SQL Injection Vulnerability Date: 2011-10-19 Author: Skraps, Jackie Craig Sparksjackie.craig.sparksatlive.com jackie.craig.sparksatgmail.com @skrapsfoo Software Link: http://www.phpforumscript.com/?pageid=11 Versio...
DSA-2853-1 horde3 - Remote code execution
Bulletin has no description...
MyBB KingChat Plugin - SQL Injection
MyBB KingChat Plugin - SQL Injection Exploit Title: KingChat MyBB plugin SQL Injection 0day Google Dork: inurl:"kingchat.php" Date: 13.10.2012 Exploit Author: RedHat NullSec Software Link: http://mods.mybb.com/view/kingchat Tested on: Windows & Linux. Vulnerable code : query"SELECT FROM...
Simple Free PHP Forum Script - SQL Injection
Simple Free PHP Forum Script - SQL Injection Exploit Title: Simple Free PHP Forum Script 1,BENCHMARK500000000,MD5CHAR115,113,108,109,97,112,0 AND id='1 wget "http://127.0.0.1/forum/index.php?show=cat&id=1' AND 1=IF21,BENCHMARK500000000,MD5CHAR115,113,108,109,97,112,0 AND id='1" --------------...
Simple Free PHP Forum Script 1 SQL Injection
Exploit Title: Simple Free PHP Forum Script 1,BENCHMARK500000000,MD5CHAR115,113,108,109,97,112,0 AND id='1 wget "http://127.0.0.1/forum/index.php?show=cat&id=1' AND 1=IF21,BENCHMARK500000000,MD5CHAR115,113,108,109,97,112,0 AND id='1" -------------- Vurnerable Code -------------- Line 150 of...
Pearl Forums 2.4 - Multiple Remote File Inclusions
| \ | / | \ \ / | | | | | \ / | \ \ / / | | | | '| | |/| |/ \ / / \ / / | | '| | | / | | || | | | | | | | | \ / | | | | || \ \ |/|| || ||,//\ / ||| ,|/ ///////////////////////////////////////////////////////////////////////////////////////////////////////////// //Script:Pearl Forums...
CentiPaid 1.4.2 - 'centipaid_class.php' Remote File Inclusion
--------------------------------------------------------------------------- CentiPaid = 1.4.2 absolutepath Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net : Remote : Yes...