7 matches found
CVE-2025-47857
A improper neutralization of special elements used in an os command 'os command injection' vulnerability CWE-78 in Fortinet FortiWeb CLI version 7.6.0 through 7.6.3 and before 7.4.8 allows a privileged attacker to execute arbitrary code or command via crafted CLI commands...
CVE-2025-30699
...
Linux Distros Unpatched Vulnerability : CVE-2016-2379
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Mxit protocol uses weak encryption when encrypting user passwords, which might allow attackers to 1 decrypt hashed passwords by leveraging knowledge of clie...
The vulnerability of the Pandora FMS monitoring and management system, related to the failure to neutralize special elements used in the operating system’s command set, allows a hacker to execute arbitrary code.
The vulnerability of the Pandora FMS monitoring and management system lies in the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary code on the server remotely...
CVE-2017-1000017
CVE-2017-1000017 affects phpMyAdmin 4.0, 4.4 and 4.6. A user with appropriate permissions can connect to an arbitrary MySQL server, indicating a serious exposure for affected deployments. The entry includes CVSS details (v3: 8.8, HIGH) from NVD, with network attack vector and no user interaction ...
WebChat 2.0 - users.php?Database Username Disclosure
WebChat 2.0 - users.php?Database Username Disclosure source: https://www.securityfocus.com/bid/7777/info WebChat has been reported prone to a database username disclosure weakness. The issue presents itself when a malicious request is made for the WebChat ?users.php? page. An attacker may pass a...
CVE-1999-0829
HP Secure Web Console uses weak encryption...