CVE-2023-33184

Nextcloud Mail is a mail app in Nextcloud. A blind SSRF attack allowed to send GET requests to services running in the same web server. It is recommended that the Mail app is update to version 3.02, 2.2.5 or 1.15.3...

PT-2023-24201 · Nextcloud +1 · Nextcloud Mail +1

Name of the Vulnerable Software and Affected Versions: Nextcloud Mail versions prior to 1.15.3 Nextcloud Mail versions prior to 2.2.5 Nextcloud Mail versions prior to 3.02 Description: A blind SSRF attack in Nextcloud Mail allowed sending GET requests to services running in the same web server...

Billion Smart Energy Router SG600R2 Command Execution Vulnerability

The Billion Smart Energy Router SG600R2 is a router device. A security vulnerability exists in the Billion Smart Energy Router SG600R2 using firmware version 3.02.rc6. The vulnerability can be exploited to gain root execute privileges with the help of a hidden etcro/web/adm/systemcommand.asp shel...

CVE-2017-17639

Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter...

CVE-2016-4501

Environmental Systems Corporation ESC 8832 Data Controller 3.02 and earlier mishandles sessions, which allows remote attackers to bypass authentication and make arbitrary configuration changes via unspecified vectors...

ESC 8832 Unauthorized Access Vulnerability

ESC 8832 is a Web-based SCADA system from ESC Corporation. A security vulnerability exists in ESC 8832 version 3.02 and earlier. A remote attacker can exploit this vulnerability to gain unauthorized access by performing a brute force attack on the parameters...

ESC 8832 Unauthorized Operation Vulnerability

ESC 8832 is a Web-based SCADA system from ESC Corporation. A security vulnerability exists in the ESC 8832 version 3.02 and prior. A remote attacker could exploit the vulnerability to make unauthorized changes to the configuration...

Cimon CmnView DLL Hijacking Vulnerability

OVERVIEW Ivan Sanchez of Wise Security has identified a DLL Hijacking vulnerability in the CIMON CmnView.exe application. CIMON, Inc. has produced a patch that mitigates this vulnerability. This vulnerability could be exploited remotely with social engineering and requires local user input...

EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection

------------------------------------------------------------------------ EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection ------------------------------------------------------------------------ Han Sahin, November 2014...

FreeNAC 3.02 - SQL Injection and XSS Vulnerabilties

No description provided by source...

Gentoo Security Advisory GLSA 200904-07 (xpdf)

The remote host is missing updates announced in advisory GLSA 200904-07. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

RunCMS Module Photo 3.02 (cid) Remote SQL Injection Vulnerability

No description provided by source. RunCMS Module Photo 3.02 SQL injection AUTHOR : S@BUN HOME : http://www.milw0rm.com/author/1334 BLOG : http://my.opera.com/SQL-Injection/blog/ MAL : [email protected] DORK 1 : allinurl: "modules/photo/viewcat.php?id" DORK 2 : inurl:photo "powered...

Security fix for the ALT Linux 5 package xpdf version 3.02-alt2

Aug. 8, 2007 Victor Forsyuk 3.02-alt2 - Security fix, see CVE-2007-3387...

PT-2006-7152 · Rad · Radupload

Name of the Vulnerable Software and Affected Versions: Rad Upload version 3.02 Description: A remote file inclusion issue exists due to the handling of the save path parameter in the upload.php file. This could potentially allow remote attackers to execute arbitrary PHP code by providing a URL in...

Web Apps- Rad Upload Version 3.02 Remote File Include Vulnerability

^ Rad Upload Version 3.02 Remote File Include Vulnerability ^ Source: http://www.radinks.com/downloads/raduploadlite.zip ^ Vulnerable C0de On Line 39 In upload.php : ifisset$savepath && $savepath!="" ^ EXploit http://victim/directory/upload.php?savepath=sh3ll? ^ Found3d By: Arham ^ Gr33tz To --...

Adobe SVG Viewer 3.0 - ActiveX Control SRC Information Disclosure

Adobe SVG Viewer 3.0 - ActiveX Control SRC Information Disclosure source: https://www.securityfocus.com/bid/13490/info The Adobe SVG Viewer ActiveX control is prone to an information disclosure vulnerability. Reports indicate that the Adobe SVG Viewer ActiveX control may be employed to disclose t...