CVE-2025-50661
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of multiple parameters in the /urlrule.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, en, ips, u, time, act, rpri, and log...
PT-2025-50762
Name of the Vulnerable Software and Affected Versions: APC Network Management Card 4 (affected versions not specified) Description: The software contains a path traversal issue that allows unauthenticated attackers to access sensitive system files. Attackers can manipulate URL parameters to exploit...
EUVD-2010-5308
Malware in sbrugna...
EUVD-2025-24460
Malicious code in bioql PyPI...
CVE-2025-49813
An improper neutralization of special elements used in an OS command ("OS Command Injection") vulnerability (CWE-78) in Fortinet FortiADC version 7.2.0 and before 7.1.1 allows a remote and authenticated attacker with low privilege to execute unauthorized code via specifically crafted HTTP parameters...
CVE-2025-44137
MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is responsible for delivering tiles that are stored as files on the server via web request. Creating the path to a file allows the insertion of "../" and thus the reading of any file on the web...
Cisco Secure Firewall Management Center Security Vulnerability
Cisco Secure Firewall Management Center is a powerful network security management tool from Cisco. A command execution vulnerability exists in Cisco Secure Firewall Management Center that stems from insufficient input validation of certain HTTP request parameters sent to the web management...
CVE-2023-48782
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 allows an attacker to execute unauthorized code or commands via specifically crafted HTTP GET request parameters...
PT-2023-7685 · Fortinet · Fortiwlm
Name of the Vulnerable Software and Affected Versions: Fortinet FortiWLM versions 8.6.0 through 8.6.5 Description: The issue is related to an improper neutralization of special elements used in an os command, also known as 'os command injection'. This allows an attacker to execute unauthorized co...
CVE-2023-36548
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows an attacker to execute unauthorized code or commands via specifically crafted HTTP GET request parameters...
Fortinet FortiWLM Operating System Command Injection Vulnerability
Fortinet FortiWLM is a wireless manager from Fortinet. A security vulnerability exists in Fortinet FortiWLM that stems from the presence of an operating system command injection vulnerability. The vulnerability allows an attacker to execute unauthorized code or commands via specially crafted http...
PT-2023-6018 · Fortinet · Fortiwlm
Name of the Vulnerable Software and Affected Versions: Fortinet FortiWLM versions 8.5.0 through 8.5.4 Fortinet FortiWLM versions 8.6.0 through 8.6.5 Description: The issue is related to an improper neutralization of special elements used in an OS command, also known as 'OS command injection'. Thi...
PT-2023-6088 · Fortinet · Fortiwlm
Name of the Vulnerable Software and Affected Versions: Fortinet FortiWLM versions 8.5.0 through 8.5.4 Fortinet FortiWLM versions 8.6.0 through 8.6.5 Description: The issue exists due to improper neutralization of special elements used in an operating system command, allowing an attacker to execut...
Osprey Pump Controller Security Vulnerability
Osprey Pump Controller is a pump controller from Osprey. A security vulnerability exists in Osprey Pump Controller version 1.01. An attacker can exploit this vulnerability to obtain arbitrary files and sensitive system information from an affected device using GET parameters...
Apache Airavata Django Portal Security Vulnerability
Apache Airavata Django Portal is a web interface from the Apache Foundation (USA) that uses the Apache Airavata API and is implemented with the Django web framework. A security vulnerability exists in Apache Airavata Django Portal that stems from some HTTP request parameters being saved without being escaped...
ShinHer StudyOnline System Authorization Issue Vulnerability
ShinHer StudyOnline System is a school system from ShinHer, a Chinese company. ShinHer StudyOnline System is vulnerable to an authorization issue that stems from the Study Edit feature lacking permission control. An attacker could use this vulnerability to access and...
Multiple Buffer Overflow Vulnerabilities in Tenda AC9 Routers
Tenda AC9 Router is a router produced by Shenzhen Jixiang Tenda Technology Co. Multiple buffer overflow vulnerabilities exist in the Tenda AC9 router; they stem from the router's backend not limiting the length of HTTP request parameter content. An attacker can use the vulnerability...