3 matches found
CVE-2026-55975
A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command...
PT-2020-16183 · Dotplant · Dotplant2
Name of the Vulnerable Software and Affected Versions: DotPlant2 versions prior to 2020-09-14 Description: An issue was discovered in the Pay2PayPayment class in payment/Pay2PayPayment.php, where there is an XXE vulnerability in the checkResult function. The user input $ POST'xml' is used for...
PT-2005-2876 · Egroupware +10 · Egroupware +10
Name of the Vulnerable Software and Affected Versions: PEAR XML RPC versions 1.3.0 and earlier PHPXMLRPC versions 1.1 and earlier Description: The issue allows remote attackers to execute arbitrary PHP code via an XML file, which is not properly sanitized before being used in an eval statement...