18 matches found
EUVD-2018-17775
Malware in sbrugna...
EUVD-2025-19304
Malicious code in bioql PyPI...
CVE-2025-52809
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Russell National Weather Service Alerts national-weather-service-alerts allows PHP Local File Inclusion.This issue affects National Weather Service Alerts: from n/a through ...
CVE-2025-52809
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Russell National Weather Service Alerts national-weather-service-alerts allows PHP Local File Inclusion.This issue affects National Weather Service Alerts: from n/a through ...
CVE-2025-52809 WordPress National Weather Service Alerts plugin <= 1.3.5 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in John Russell National Weather Service Alerts national-weather-service-alerts allows PHP Local File Inclusion.This issue affects National Weather Service Alerts: from n/a through ...
CVE-2025-52809
CVE-2025-52809 describes an unauthenticated Local File Inclusion in the WordPress plugin National Weather Service Alerts (versions ≤ 1.3.5). The vulnerability arises from Improper Control of Filename for Include/Require in a PHP program, enabling local file inclusion via user-controlled input. Pu...
PT-2025-27128 · Unknown · John Russell National Weather Service Alerts
Name of the Vulnerable Software and Affected Versions: John Russell National Weather Service Alerts versions 1.3.5 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows...
WordPress plugin National Weather Service Alerts 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Unspecified Vulnerability in Green Electronics RainMachine Mini-8 (CNVD-2019-28250)
The Green Electronics RainMachine Mini-8 is a smart irrigation sprinkler from Green Electronics USA. A security vulnerability exists in the 'Weather Service' feature in the Green Electronics RainMachine Mini-8 2nd generation. The vulnerability can be exploited to inject arbitrary Python code via...
Code injection
The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 2nd generation allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function...
CVE-2018-6012
The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 2nd generation allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function...
CVE-2018-6012
The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 2nd generation allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function...
CVE-2018-6012
CVE-2018-6012 affects the Green Electronics RainMachine Mini-8 (2nd generation). The vulnerability lies in the Weather Service feature: an attacker can inject arbitrary Python code through the 'Add new weather data source' upload function. This implies potential remote code execution with network...
[SECURITY] Fedora 22 Update: php-horde-Horde-Service-Weather-2.3.1-1.fc22
Set of classes that provide an abstraction to various online weather service providers. Includes drivers for WeatherUnderground, WorldWeatherOnline, and Google Weather...
[SECURITY] Fedora 23 Update: php-horde-Horde-Service-Weather-2.3.1-1.fc23
Set of classes that provide an abstraction to various online weather service providers. Includes drivers for WeatherUnderground, WorldWeatherOnline, and Google Weather...
National Weather Service Cross Site Scripting
Exploit Title: National Weather Service Internet Weather Source alert"XSS" +---------------------------------------------------+ Greetz to : ./CyberSEC...
Sensitive server info leaked from weather.gov Vulnerability
Kosova Hacker's Security group today release very sensitive server info of "The National Weather Service", which was gathered due to a "Local file inclusion" Vulnerability in weather.gov . By definition, Local File Inclusion also known as LFI is the process of including files on a server through...
Hackers deface Philippines Department of Environment website
Hackers incensed by the Philippines' controversial cybercrime law have attacked government sites that deliver emergency information during natural disasters. The website of the Department of Environment and Natural Resources DENR was hacked on Saturday, despite calls from Malacañang for a...