39 matches found
CVE-2015-10145
Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...
EUVD-2025-206059
Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...
Gargoyle Router Management Utility Security Vulnerability
Gargoyle Router Management Utility is a third-party router firmware from Gargoyle. A security vulnerability exists in Gargoyle Router Management Utility version 1.5.x. It stems from a failure to properly restrict or validate the commands parameter input, which could allow an authenticated...
EUVD-2010-4142
Malware in sbrugna...
EUVD-2012-2231
Malware in sbrugna...
EUVD-2010-1463
Malware in sbrugna...
EUVD-2018-12714
Malware in sbrugna...
CVE-2020-21358
A cross-site request forgery (CSRF) in Wage-CMS 1.5.x-dev allows attackers to arbitrarily add users...
CVE-2010-1433
Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This may facilitate...
CVE-2012-4071
Cross-site scripting (XSS) vulnerability in the comments module in the RSGallery2 (com_rsgallery2) component before 2.3.0 for Joomla! 1.5.x, and before 3.2.0 for Joomla! 2.5.x, allows remote attackers to inject arbitrary web script or HTML via crafted BBCode markup in a comment...
CVE-2021-4291 OpenMRS Admin UI Module location.gsp cross site scripting
A vulnerability was found in OpenMRS Admin UI Module up to 1.5.x. It has been declared as problematic. This vulnerability affects unknown code of the file omod/src/main/webapp/pages/metadata/locations/location.gsp. The manipulation leads to cross site scripting. The attack can be initiated...
Kubernetes arbitrary file overwrite
In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files...
GHSA-2JQ6-FFPH-P4H8 Kubernetes arbitrary file overwrite
In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files...
PT-2023-6427
Name of the Vulnerable Software and Affected Versions: Roundcube versions 1.4.15 and earlier, 1.5.x before 1.5.5, and 1.6.x before 1.6.4. Description: The issue allows stored XSS via an HTML e-mail message with a crafted SVG document because of program/lib/Roundcube/rcube_washtml.php behavior. This...
SquirrelMail Cross-Site Scripting Vulnerability (CNVD-2019-20986)
SquirrelMail is a cross-platform webmail system developed in PHP. A cross-site scripting vulnerability exists in SquirrelMail versions 1.4.22 and later and version 1.5.x before 1.5.2. The vulnerability stems from a lack of proper validation of client data by the web...
CVE-2018-1002100
In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files...
Command injection
In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files...
CVE-2018-1002100
In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files...
Zulip Server Cross-Site Scripting Vulnerability (CNVD-2018-08599)
Zulip Server is an open source group chat application written in Python and based on the Django framework. A cross-site scripting vulnerability exists in Zulip Server versions 1.5.x, 1.6.x, and 1.7.x before 1.7.2. A remote attacker can exploit this vulnerability to inject arbitrary web script ...
Etherpad Arbitrary Code Execution Vulnerability
Etherpad is a Web-based online document collaboration tool. Multiple users can write a text document simultaneously via Etherpad and see real-time edits from all participants. An arbitrary code execution vulnerability exists in Etherpad 1.5.x and 1.6.x before 1.6.4. An attacker can exploit this...