10 matches found
Zyxel VMG3625-T50B 安全漏洞
The Zyxel VMG3625-T50B is a WiFi device from China's Heqin Technology Zyxel. A security vulnerability exists in the Zyxel VMG3625-T50B V5.50ABPM.8C0 firmware version, which originates from a CGI program that contains a buffer overflow vulnerability that could allow an authenticated, remote attack...
CVE-2022-27055
ecjia-daojia 1.38.1-20210202629 is vulnerable to information leakage via content/apps/installer/classes/Helper.php. When the web program is installed, a new environment file is created, and the database information is recorded, including the database record password. NOTE: the vendor disputes thi...
Arbitrary File Deletion Vulnerability in hybbs 2.3.2
hybbs is a PHP web program that supports plugin extensions and template extensions. An arbitrary file deletion vulnerability exists in hybbs 2.3.2, which can be exploited by an attacker to compromise the integrity of the system...
File upload vulnerability at hybbs 2.3.2 template
hybbs is a PHP web program that supports plugin extensions and template extensions. A file upload vulnerability exists in the hybbs 2.3.2 template, which can be exploited by an attacker to gain control of the web server...
Bash environment variable code injection over HTTP
Added: 09/26/2014 CVE: CVE-2014-6271 BID: 70103 OSVDB: 112004 Background GNU Bash Bourne Again SHell is a command shell commonly used on Linux and Unix systems. Problem The Bash shell executes commands injected after function definitions contained in environment variables. This could be used by a...
SQL injection authentication bypass
Added: 01/04/2011 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to manipulate the authentication query via a...
SQL injection authentication bypass
Added: 01/04/2011 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to manipulate the authentication query via a...
SQL injection
Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...
SQL injection
Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...
SQL injection
Added: 04/10/2009 Background Structured Query Language SQL is the most common language understood by modern relational databases. Problem A web program uses input parameters within an SQL query in an unsafe manner. This could allow a remote attacker to inject arbitrary SQL commands via a speciall...