30 matches found
CVE-2026-8500
Web::Passwd (Perl)
PT-2026-40831
Name of the Vulnerable Software and Affected Versions Web::Passwd version 0.03 Description Web::Passwd, a small CGI application for managing htpasswd files via the htpasswd command, allows remote code execution. The user parameter is not validated or escaped before being used as the final argumen...
Web::Passwd 操作系统命令注入漏洞
Web::Passwd is a Perl module developed by EVANK personal developers, used for managing password files and handling identity authentication in web applications. Versions of Web::Passwd prior to 0.03 contained a vulnerability related to operating system command injection. This vulnerability stemmed...
PT-2026-6899
Name of the Vulnerable Software and Affected Versions D-Link DIR-823X version 250416 Description A flaw exists in D-Link DIR-823X version 250416 that allows remote attackers to execute operating system commands. This occurs due to a command injection in an unknown function within the /goform/set...
CVE-2023-25366
In Siglent SDS 1104X-E SDS1xx4X-EV6.1.37R9.ADS, insecure SCPI interface discloses web password...
EUVD-2023-29323
Malicious code in bioql PyPI...
D-Link DIR-823X 安全漏洞
The D-Link DIR-823X is a wireless router from China's AUO D-Link. The D-Link DIR-823X suffers from a command execution vulnerability that can be exploited by an attacker to cause code execution due to the setcassword settings interface not filtering special characters in the httpcasswd parameter...
CVE-2025-54791 OMERO.web displays unecessary user information when requesting to reset the password
OMERO.web provides a web based client and plugin infrastructure. Prior to version 5.29.2, if an error occurred when resetting a user's password using the Forgot Password option in OMERO.web, the error message displayed on the Web page can disclose information about the user. This issue has been...
CVE-2024-22069 Permission and Access Control Vulnerability in ZXV10 XT802/ET301
There is a permission and access control vulnerability of ZTE's ZXV10 XT802/ET301 product.Attackers with common permissions can log in the terminal web and change the password of the administrator illegally by intercepting requests to change the passwords...
PT-2024-5665 · Tenda · Tenda I22
Name of the Vulnerable Software and Affected Versions: Tenda i22 version 1.0.0.34687 Description: The issue is related to a buffer overflow in the formApPortalWebAuth function due to lack of input size validation. This can be exploited by a remote attacker to impact the confidentiality, integrity...
NETGEAR DC112A and EX6200 and R6300v2 Security Vulnerabilities
NETGEAR DC112A and others are products of NETGEAR Corporation.NETGEAR DC112A is a wireless router.NETGEAR EX6200 is a wireless network signal extender.NETGEAR R6300v2 is a wireless router. A security vulnerability exists in the NETGEAR DC112A version 1.0.0.64, EX6200 version 1.0.3.94, and R6300v2...
CVE-2023-25366
In Siglent SDS 1104X-E SDS1xx4X-EV6.1.37R9.ADS, insecure SCPI interface discloses web password...
CVE-2023-25366
In Siglent SDS 1104X-E SDS1xx4X-EV6.1.37R9.ADS, insecure SCPI interface discloses web password...
CVE-2023-25366
In Siglent SDS 1104X-E SDS1xx4X-EV6.1.37R9.ADS, insecure SCPI interface discloses web password...
Design/Logic Flaw
In Siglent SDS 1104X-E SDS1xx4X-EV6.1.37R9.ADS, insecure SCPI interface discloses web password...
PT-2023-20037 · Siglent · Siglent Sds 1104X-E
Name of the Vulnerable Software and Affected Versions: Siglent SDS 1104X-E version 6.1.37R9.ADS Description: The issue concerns an insecure SCPI interface that discloses the web password. Recommendations: For Siglent SDS 1104X-E version 6.1.37R9.ADS, consider restricting access to the SCPI...
CVE-2023-25366
In Siglent SDS 1104X-E SDS1xx4X-EV6.1.37R9.ADS, insecure SCPI interface discloses web password...
CVE-2023-25366
CVE-2023-25366 affects Siglent SDS 1104X-E (SDS1xx4X-E_V6.1.37R9.ADS). The issue is an insecure SCPI interface that discloses the web password, exposing authentication credentials and potentially enabling unauthorized access to the device. No exploitation details are provided in the connected doc...
CVE-2023-25366
In Siglent SDS 1104X-E SDS1xx4X-EV6.1.37R9.ADS, insecure SCPI interface discloses web password...
CVE-2022-31205
In Omron CS series, CJ series, and CP series PLCs through 2022-05-18, the password for access to the Web UI is stored in memory area D1449...D1452 and can be read out using the Omron FINS protocol without any further authentication...