5 matches found
CVE-2024-55074
The edit profile function of Grocy through 4.3.0 allows stored XSS and resultant privilege escalation by uploading a crafted HTML or SVG file, a different issue than CVE-2024-8370...
Hitachi Energy RTU500 安全漏洞
RTU500 is a series of industrial control components from Hitachi, Japan, mainly used in industrial control systems. A security vulnerability exists in Hitachi Energy RTU500 series CMU Firmware, which originates from a problem in stb language file handling, and can be exploited by an attacker to...
Gambio Code Issue Vulnerability
Gambio is an all-in-one e-commerce solution from Gambio, Inc. A code issue vulnerability exists in Gambio version 4.9.2.0 and prior versions that stems from allowing an attacker to execute arbitrary code by uploading a crafted PHP file...
CVE-2023-22914
A path traversal vulnerability in the “accountprint.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker with administrator privileges to execute unauthorized OS command...
CVE-2022-20913
A vulnerability in Cisco Nexus Dashboard could allow an authenticated, remote attacker to write arbitrary files on an affected device. This vulnerability is due to insufficient input validation in the web-based management interface of Cisco Nexus Dashboard. An attacker with Administrator...