66 matches found
CVE-2023-50073
EmpireCMS v7.5 was discovered to contain a SQL injection vulnerability via the ftppassword parameter at SetEnews.php...
EUVD-2018-9824
Malware in sbrugna...
EUVD-2023-54988
Malicious code in bioql PyPI...
CVE-2024-30321
A vulnerability has been identified in SIMATIC PCS 7 V9.1 All versions < V9.1 SP2 UC05, SIMATIC WinCC Runtime Professional V18 All versions < V18 Update 5, SIMATIC WinCC Runtime Professional V19 All versions < V19 Update 2, SIMATIC WinCC V7.4 All versions < V7.4 SP1 Update 23, SIMATIC WinCC V7.5 All...
CVE-2023-50162
SQL injection vulnerability in EmpireCMS v7.5 allows remote attackers to execute arbitrary code and obtain sensitive information via the DoExecSql function...
CVE-2023-50162
EmpireCMS v7.5 is affected by CVE-2023-50162 due to a SQL injection in the DoExecSql function. The vulnerability allows remote attackers to run arbitrary SQL, potentially leading to code execution and exposure of sensitive data. Root cause: lack of validation of externally supplied SQL statements...
CVE-2023-33604
Imperial CMS v7.5 was discovered to contain an arbitrary file deletion vulnerability via the DelspReFile function in /sp/ListSp.php. This vulnerability is exploited by attackers via a crafted POST request...
CVE-2023-33604
CVE-2023-33604 affects Imperial CMS v7.5. The vulnerability is an arbitrary file deletion issue via the DelspReFile function in the endpoint /sp/ListSp.php, exploitable by a crafted POST request. Documented impact includes high integrity and availability risks (CVSS v3.1: 9.1, I/H). Exploitation ...
CVE-2022-45313
MikroTik RouterOS before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message...
Out-of-bounds
MikroTik RouterOS before stable v7.5 was discovered to contain an out-of-bounds read in the hotspot process. This vulnerability allows attackers to execute arbitrary code via a crafted nova message...
CVE-2021-40363
A vulnerability has been identified in SIMATIC PCS 7 V8.2 All versions, SIMATIC PCS 7 V9.0 All versions, SIMATIC PCS 7 V9.1 All versions < V9.1 SP1, SIMATIC WinCC V15 and earlier All versions < V15 SP1 Update 7, SIMATIC WinCC V16 All versions < V16 Update 5, SIMATIC WinCC V17 All versions < V17 Update 2,...
CVE-2021-36547
A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute arbitrary commands via a crafted PHP file...
Remote code execution
A remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew of Mara v7.5 allows attackers to execute arbitrary commands via a crafted PHP file...
CVE-2021-36547
Summary: Mara CMS v7.5 contains a remote code execution (RCE) vulnerability in the component /codebase/dir.php?type=filenew. The root cause is alleged improper input filtering in the file upload logic, enabling an attacker to upload a crafted PHP file that can execute arbitrary commands. This iss...
CVE-2020-36490
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component filemanageview.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...
CVE-2020-36495
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component filemanageview.php via the filename, mid, userid, and templet parameters...
CVE-2020-36496
DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities in the component sysadminuseredit.php via the filename, mid, userid, and templet parameters...