1byte-react-design (>=1.7.1 <=1.14.0), @aaf-comp/graph-widget (>=1.0.0 <=1.0.3) +314 more potentially affected by unknown CVE via @antv/vendor (>=1.0.11 <=1.0.6)
@antv/vendor NPM version =1.0.11, =1.7.1, =1.0.0, =1.1.43, =5.0.48, =1.0.1, =1.0.4, =2.0.0, =2.0.0, =1.0.0, =2.0.0, =3.0.3, =3.0.0, =2.0.0, =0.5.6, =6.1.21, =6.3.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-ANTVVENDOR-16754350...
CVE-2025-34188
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 1.0.735 and Application prior to 20.0.1330 (macOS/Linux client deployments) contain a vulnerability in the local logging mechanism. Authentication session tokens, including PHPSESSID, XSRF-TOKEN, and laravel_session, are...
CVE-2025-34192
Vasion Print (formerly PrinterLogic) Virtual Appliance Host versions prior to 22.0.893 and Application versions prior to 20.0.2140 (macOS/Linux client deployments) are built against OpenSSL 1.0.2h-fips (released May 2016), which has been end-of-life since 2019 and is no longer supported by the OpenSSL...
Linux Distros Unpatched Vulnerability : CVE-2024-50285
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too much memory through the ksmbd_work_cache...
Digital China Networks vendor security vulnerability
Digital China Networks vendor is a series of vendor firewalls from Digital China Networks DCCN, a Chinese company. A security vulnerability exists in Digital China Networks vendor version v.7.2.6.120, which originates from a vulnerability that could allow a remote attacker to execute arbitrary co...
Computer And Mobile Repair Shop Management System 1.0 Cross Site Request Forgery
Title : Computer and Mobile Repair Shop Management System v1.0 CSRF Vulnerability | Author : indoushka | Tested on : windows 10 FrPro / browser :...
CVE-2024-4171 Tenda W30E WizardHandle fromWizardHandle stack-based overflow
A vulnerability classified as critical has been found in Tenda W30E 1.0/1.0.1.25. Affected is the function fromWizardHandle of the file /goform/WizardHandle. The manipulation of the argument PPW leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has be...
phpFM 1.7.9 Authentication Bypass / Shell Upload
Exploit Title: phpfm v1.7.9 - Authentication type juggling Date: 2023-07-10 Exploit Author: thoughtfault Vendor Homepage: https://www.dulldusk.com/phpfm/ Software Link: https://github.com/dulldusk/phpfm/ Version: 1.6.1-1.7.9 Tested on: Ubuntu 22.04 CVE : N/A """ An authentication bypass exists in...
CVE-2021-33553 UDP Technology/Geutebrück camera devices: Command injection in command parameter leading to RCE
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to command injection, which may allow an attacker to remotely execute arbitrary code...
SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin)
SOCA Access Control System 180612 CSRF Add Admin Exploit Vendor: SOCA Technology Co., Ltd Product web page: http://www.socatech.com Affected version: 180612, 170000 and 141007 Summary: The company's products include Proximity and Fingerprint access control system, Time and Attendance, Electric...
Talos Vulnerability Discovery Year in Review - 2018
Introduction Cisco Talos' Vulnerability Discovery Team investigates software and operating system vulnerabilities in order to discover them before malicious threat actors. We provide this information to vendors so that they can create patches and protect their customers as soon as possible. We...
mySCADA myPRO 7 - Hard-Coded Credentials
mySCADA myPRO 7 - Hard-Coded Credentials. CVE-2018-11311. Remote exploit for Multiple platform Exploit Title: mySCADA myPRO 7 - Hardcoded FTP Username and Password Date: 2018-05-19 Exploit Author: Emre ÖVÜNÇ Vendor Homepage: https://www.myscada.org/mypro/ Software Link:...
Food Order Script 1.0 - 'list?city' SQL Injection
Exploit Title: Food Order Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/food-order-script-2/ Demo: http://ordermanagementscript.com/demo/food-order/ Version: 1.0 Category: Webapps Tested...
Article Directory Script 3.0 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Article Directory Script 3.0 - SQL Injection Vendor Homepage: http://www.yourarticlesdirectory.com/ Software Link: http://www.yourarticlesdirectory.com/ Demo: http://www.yourarticlesdirectory.com/livedemo.php Version: 3.0...
Mobilya Scripti 2 Shell Upload
Exploit Title: Mobilya Scripti v2 File Upload 2. Google Dork: intext:Lütfen sadece .doc yada .pdf uzantılı dosya gönderin. 3. Date: 10.4.2016 4. Exploit Author: [email protected] 5. Vendor Homepage: http://www.hazirscriptler.web.tr/mobilya-scripti-php-v2 6. Version: v2 7. Tested...
CVE-2014-4607
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run...
Harlandscripts drinks - 'recid' SQL Injection
Drinks script. Vendor: http://www.fivedollarscripts.com Demo: http://www.fivedollarscripts.com/drinks/index.php Notified: No. Probably don't care. Price: Five bones...
Design/Logic Flaw
The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down the Backspace key for one second after erasing the final character. NOTE: third parties,...
CVE-2008-1246
The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down the Backspace key for one second after erasing the final character. NOTE: third parties,...
Mitra Informatika Solusindo cart - SQL Injection
SolpotCrew Community Mitra Informatika Solusindo cart Remote Sql Injection Exploit vendor : http://www.mitrainformatika.com/ Bug Found By : homeedition2001 a.k.a bius 4-03-2008 contact: [email protected] Website : www.solpotcrew.org/adv/homeedition2001-adv-03.txt Greetz:...