12 matches found
EUVD-2019-16069
Malware in sbrugna...
EUVD-2023-27650
Malicious code in bioql PyPI...
Milesight UR32L ys_thirdparty user_delete function command injection vulnerability
The Milesight UR32L is a 4G industrial router from China's Milesight. A command injection vulnerability exists in the Milesight UR32L ysthirdparty userdelete function, which can be exploited by an attacker to execute arbitrary commands on the system...
CVE-2023-23550
An OS command injection vulnerability exists in the ysthirdparty userdelete functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...
Command injection
An OS command injection vulnerability exists in the ysthirdparty userdelete functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-23550
An OS command injection vulnerability exists in the ysthirdparty userdelete functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...
Milesight UR32L 操作系统操作系统命令注入漏洞
The Milesight UR32L is a 4G industrial router from China's Milesight. A command injection vulnerability exists in the Milesight UR32L ysthirdparty userdelete function, which can be exploited by an attacker to execute arbitrary commands on the system...
Milesight UR32L ys_thirdparty user_delete OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1694 Milesight UR32L ysthirdparty userdelete OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-23550 SUMMARY An OS command injection vulnerability exists in the ysthirdparty userdelete functionality of Milesight UR32L v32.3.0.5. A specially...
CVE-2019-6510
An issue was discovered in creditease-sec insight through 2018-09-11. userdelete in srcpm/app/admin/views.py allows CSRF...
CVE-2019-6510
An issue was discovered in creditease-sec insight through 2018-09-11. userdelete in srcpm/app/admin/views.py allows CSRF...
CVE-2019-6510
The CVE-2019-6510 entry describes a CSRF weakness in creditease-sec insight up to 2018-09-11, specifically in the user_delete function of srcpm/app/admin/views.py. The issue arises from lack of sufficient CSRF protection, enabling potential unauthorized state-changing requests. CVSS data from NVD...
Sql injection
Multiple SQL injection vulnerabilities in Click&Rank allow remote attackers to execute arbitrary SQL commands via the id parameter to 1 hitcounter.asp, 2 userdelete.asp, and 3 userupdate.asp; 4 the userid parameter to adminlogin.asp aka the USERNAME field in admin.asp; and 5 the PassWord paramete...