Valmet DNA Engineering Web Tools

RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to manipulate the web maintenance services URL to achieve arbitrary file read access. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation...

CVE-2026-24430

Shenzhen Tenda W30E V2 firmware versions up to and including V16.01.0.195037 disclose sensitive account credentials in cleartext within HTTP responses generated by the maintenance interface. Because the management interface is accessible over unencrypted HTTP by default, credentials may be expose...

Songcms Sql injection vulnerability and fix-vulnerability warning-the black bar safety net

The filter is not rigorous! ResultSQL injection it! if$WebOpening==0 diehtmlspecialcharsdecode$WebMaintenanceText; $QUERY = pregreplace"/\\:\?"'& lt;\\\\\\\s$/",",$SERVER'QUERYSTRING'; //This regular expression is not rigorous.!!!! Embarrassed$QUERY = explode'/',$QUERY; foreach...

NewsCMSlite Insecure Cookie Handling

www.BugReport.ir AmnPardaz Security Research Team Title: NewsCMSlite Vendor: http://www.katywhitton.com Bug: Insecure Cookie Handling Exploitation: Remote with browser Fix: N/A Original Advisory: http://www.bugreport.ir/index62.htm - Description: NewsCMSlite is an easy way to get regularly update...

CF_Nuke v4.6 Multiple vuln.

CFNuke v4.6 Multiple vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/cfnuke-v46-multiple-vuln.html vendor:http://www.mycfnuke.com/ affected version:v4.6 and prior Product Description: CFNuke is a free easy-to-setup & easy-to-use open source...