
26 matches found

NVD
added 2025/12/22 10:16 p.m. | 1 views

CVE-2023-53963

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands through the 'password' parameter. Attackers can exploit the login.php and index.php scripts by injecting shell commands via the...

9.8 CVSS | 0.02612 EPSS
Exploits: 2 | References: 4
OSV
added 2025/12/22 10:16 p.m. | 3 views

CVE-2023-53962

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated directory traversal vulnerability that allows remote attackers to write arbitrary files through the 'upgfile' parameter in upload.cgi. Attackers can exploit the vulnerability by sending crafted multipart form-data POST requests with...

7.5 CVSS | 6 AI score
Exploits: 0 | References: 4
NVD
added 2025/02/26 10:15 p.m. | 8 views

CVE-2024-53573

Unifiedtransform v2.X is vulnerable to Incorrect Access Control. Unauthorized users can access and manipulate endpoints intended exclusively for administrative use. This issue specifically affects teacher/edit/id...

9.8 CVSS | 0.00264 EPSS
Exploits: 1 | References: 2
CNNVD
added 2024/07/08 12:0 a.m. | 1 views

Realtek AP-Router SDK Security Vulnerability

Realtek AP-Router SDK is a software package for wireless chipsets from Realtek Semiconductor (Realtek), a Chinese company. A security vulnerability exists in the Realtek AP-Router SDK that stems from a stack-based buffer overflow vulnerability in the boa formRoute feature, which can lead to remote...

7.2 CVSS | 8.3 AI score | 0.04141 EPSS
Exploits: 0 | References: 2
CNNVD
added 2024/07/08 12:0 a.m. | 1 views

Realtek AP-Router SDK Input Validation Error Vulnerability

The Realtek AP-Router SDK is a software package for wireless chipsets from Realtek Semiconductor (Realtek) of China. An input validation error vulnerability exists in the Realtek AP-Router SDK, which stems from an integer overflow vulnerability in the boa updateConfigIntoFlash function, which can...

7.2 CVSS | 7.9 AI score | 0.00274 EPSS
Exploits: 1 | References: 2
0day.today
added 2023/03/31 12:0 a.m. | 145 views

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Authentication Bypass Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15 Impact/Pulse/First Version 1:...

7.4 AI score
Exploits: 0
ATTACKERKB
added 2021/08/16 12:0 a.m. | 60 views

CVE-2021-35395

Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management interface that can be used to configure the access point. Two versions of this management interface exist: one based on Go-Ahead named webs and another based on Boa named boa. Both of them are affect...

10 CVSS | 9.6 AI score | 0.93663 EPSS
In wild | Exploits: 2 | References: 4
NVD
added 2021/01/08 4:15 p.m. | 13 views

CVE-2020-27260

Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments into specific HL7 v2.x messages via multiple expected...

5.3 CVSS | 5.6 AI score | 0.00109 EPSS
Exploits: 0 | References: 1
Prion
added 2021/01/08 4:15 p.m. | 13 views

Design/Logic Flaw

Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments into specific HL7 v2.x messages via multiple expected...

2.1 CVSS | 5.5 AI score | 0.00109 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2021/01/08 3:17 p.m. | 13 views

CVE-2020-27260

Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcode reader to inject HL7 v2.x segments into specific HL7 v2.x messages via multiple expected...

5.6 AI score | 0.00109 EPSS
Exploits: 0 | References: 1
CVE
added 2021/01/08 3:17 p.m. | 50 views

CVE-2020-27260

CVE-2020-27260 affects Innokas Yhtymä Oy Vital Signs Monitor VC150 (pre-1.7.15). The vuln is an HL7 v2.x injection in HL7 messages triggered by multiple parameters, exploitable by physically proximate attackers with a connected barcode reader. The CVSS v3 base score is 5.3 (NEIGHBOR, HIGH integri...

5.3 CVSS | 5.5 AI score | 0.00109 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
CVE
added 2017/08/18 3:0 p.m. | 71 views

CVE-2017-12943

CVE-2017-12943 affects D-Link DIR-600 Rev Bx devices with v2.x firmware. The vulnerability is an absolute path traversal in the endpoint model/__show_info.php?REQUIRE_FILE= which allows remote attackers to read passwords (admin credentials) from the device. Public mention in multiple sources (Exp...

9.8 CVSS | 9.2 AI score | 0.81803 EPSS
Exploits: 4 | References: 3 | Affected Software: 1
seebug.org
added 2014/07/01 12:0 a.m. | 18 views

Openfiler 2.x - NetworkCard Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 10 views

OpenSupports 2.x - Auth Bypass/CSRF Vulnerabilities

No description provided by source. + Author: TUNISIAN CYBER + Exploit Title: OpenSupports v2.x AuthBypass/CSRF Vulnerabilities + Date: 15-03-2014 + Category: WebApp + Version: 2.x + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-302/CWE-89 + Vendor: http://www.opensupports.com/ + Friendly Sites:...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 41 views

Arab Portal 2.x - (forum.php qc) Remote SQL Injection Exploit

No description provided by source. ? / Arab Portal v2.x forum.php qc SQL Injection Exploit - Author : rEcruit - Mail : [email protected] - Download : http://arab-portal.net/download.php - Vuln in ./forum.php Line: 1503 code ifisset$apt-getqc &&!isset$apt-getqp $qc = $apt-getqc; $result =...

7.1 AI score
Exploits: 0
Packet Storm
added 2012/09/11 12:0 a.m. | 24 views

Openfiler 2.x NetworkCard Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Openfiler v2.x...

7.4 AI score
Exploits: 0
0day.today
added 2012/09/10 12:0 a.m. | 25 views

Openfiler v2.x NetworkCard Command Execution

Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7.1 AI score
Exploits: 0
Vulnerability Lab
added 2011/08/23 12:0 a.m. | 37 views

Didactum SensorProbe v2.x - Persistent Web Vulnerability

Document Title: Didactum SensorProbe v2.x - Persistent Web Vulnerability. Release Date: 2011-08-23. Vulnerability Laboratory ID (VL-ID): 109. Product & Service Introduction: Netzwerkgestützte...

7.1 AI score
Exploits: 0
myhack58
added 2010/02/19 12:0 a.m. | 22 views

Sablog-X v2.x arbitrary variable overwrite vulnerability

Author: 80vul-B. Team: http://www.80vul.com. Description: Due to a logic flaw in the $EVO initialization in common.inc.php of Sablog-x v2.x, extract can be used to overwrite arbitrary variables, eventually leading to XSS, SQL injection, code...

0.5 AI score
Exploits: 0
seebug.org
added 2010/02/19 12:0 a.m. | 39 views

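Sablog-X v2.x Arbitrary Variable Overwrite Vulnerability

Due to a logic flaw in the $EVO initialization handling in common.inc.php of Sablog-x v2.x, extract can be used to overwrite arbitrary variables, ultimately leading to many serious security vulnerabilities such as XSS, SQL injection and code execution. In the common.inc.php code: .... $onoff = function_exists('ini_get') ? ini_get('register_globals') : get_cfg_var('register_globals'); if ($onoff != 1) { @extract($_COOKIE, EXTR_SKIP); @extract($_POST, EXTR_SKIP); @extract($_GET,...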

7.1 AI score
Exploits: 0