EUVD-2021-26595

Malware in sbrugna...

CVE-2023-43322

CVE-2023-43322 affects ZPE Systems Nodegrid OS versions 5.0.0–5.0.17, 5.2.0–5.2.19, 5.4.0–5.4.16, 5.6.0–5.6.13, 5.8.0–5.8.10, and 5.10.0–5.10.3, with a command injection via /v1/system/toolkit/files/. Root cause: command injection; CVSS v3.1 base score 8.8 (HIGH) with NETWORK attack vector, LOW a...

CVE-2022-28741

aEnrich a+HRD 5.x Learning Management Key Performance Indicator System has a local file inclusion LFI vulnerability that occurs due to missing input validation in v5.x...

Remote Code Execution Vulnerability in Multiple SIMATIC Software Products

Siemens SIMATIC PCS 7 is a process control system from Siemens, Germany.SIMATIC STEP 7 V5.X is the classic engineering software for configuring and programming SIMATIC S7-300/S7-400/C7/WinAC controllers.STARTER is the drive engineering tool for parameterization and debugging. A remote code...

CVE-2021-3256

KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the htmlurl parameter of the chakanhtml.module.php file...

Design/Logic Flaw

KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the htmlurl parameter of the chakanhtml.module.php file...

CVE-2021-3256

KuaiFanCMS V5.x has an arbitrary file read vulnerability in the html_url parameter of the chakanhtml.module.php file. The issue stems from the html_url parameter handling in that module, allowing an attacker to read arbitrary files and potentially obtain sensitive information. Multiple sources (C...

CVE-2021-3256

KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the htmlurl parameter of the chakanhtml.module.php file...

Axway SecureTransport 5 XML Injection

| | | | | / \ '/ \ | |/ | | / / / | | || | | | /|| |/|| https://zero.lol zero days 4 days ATTENTION: this is a friendly neighborhood zeroday drop Title: Axway SecureTransport 5 Unauthenticated XML Injection / XXE Google Dork: intitle:"Axway SecureTransport" "Login" Date: July 20th 2019 Author:...

BSA-2018-539

Security Advisory ID : BSA-2018-539 Component : OpenSSH Revision : 2.0: Final The resendbytes function in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffe...

xFlow v5.x multiple vuln.

xFlow v5.x multiple vuln. Vuln. discovered by : r0t Date: 18 april 2006 vendorlink:http://www.skymarx.com/affiliatesoftware.html affected versions:v5.46.11 and previous orginal advisory: http://pridels.blogspot.com/2006/04/xflow-v5x-multiple-vuln.html Product info: After over five years of...

CactuSoft CactuShop v5.x shopping cart software multiple security vulnerabilities

S-Quadra Advisory 2004-03-31 Topic: CactuSoft CactuShop v5.x shopping cart software multiple security vulnerabilities Severity: High Vendor URL: http://www.cactushop.com Advisory URL: http://www.s-quadra.com/advisories/Adv-20040331.txt Release date: 31 Mar 2004 1. DESCRIPTION CactuShop is an ASP...