Lucene search
K

1417 matches found

Vulnrichment
Vulnrichment
added 2026/01/30 10:7 p.m.7 views

CVE-2020-37032 Wing FTP Server 6.3.8 - Remote Code Execution

Wing FTP Server 6.3.8 contains a remote code execution vulnerability in its Lua-based web console that allows authenticated users to execute system commands. Attackers can leverage the console to send POST requests with malicious commands that trigger operating system execution through the...

8.8CVSS6.5AI score0.0104EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/01/30 12:0 a.m.6 views

PT-2026-5473

Name of the Vulnerable Software and Affected Versions Wing FTP Server version 6.3.8 Description The software contains a remote code execution issue in its Lua-based web console. Authenticated users can execute system commands by sending malicious commands via POST requests. The os.execute functio...

8.8CVSS6.6AI score0.0104EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.6 views

Wing FTP Server: Operating System Command Injection Vulnerability

Wing FTP Server is an open-source, cross-platform FTP server software developed by Wing FTP Server. Version 6.3.8 of Wing FTP Server contains a vulnerability related to operating system command injection. This vulnerability stems from the command execution feature in the Lua-based Web console,...

8.8CVSS6AI score0.0104EPSS
Exploits1References3
Wired Threat Level
Wired Threat Level
added 2026/01/29 5:0 p.m.6 views

An AI Toy Exposed 50,000 Logs of Its Chats With Kids to Anyone With a Gmail Account

AI chat toy company Bondu left its web console almost entirely unprotected. Researchers who accessed it found nearly all the conversations children had with the company’s stuffed animals...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/13 10:43 p.m.5 views

CVE-2026-0824

A flaw was found in QuestDB UI. A remote attacker could exploit a cross-site scripting XSS vulnerability by manipulating the Web Console component. This could allow the attacker to inject malicious scripts into web pages, potentially leading to information disclosure or arbitrary code execution i...

5.1CVSS6.3AI score0.00242EPSS
Exploits0References11
Snyk
Snyk
added 2026/01/10 3:31 p.m.2 views

Cross-site Scripting (XSS)

Overview @questdb/web-console is a QuestDB Web Console Affected versions of this package are vulnerable to Cross-site Scripting XSS in the Web Console component. An attacker can inject and execute arbitrary scripts by submitting crafted input that is not properly sanitized. Details Cross-site...

5.1CVSS6AI score0.00242EPSS
Exploits0References2
OSV
OSV
added 2026/01/10 3:31 p.m.3 views

GHSA-XF94-H87H-G9WR QuestDB UI's Web Console is Vulnerable to Cross-Site Scripting

A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading t...

5.1CVSS5.5AI score0.00242EPSS
Exploits0References10
Github Security Blog
Github Security Blog
added 2026/01/10 3:31 p.m.7 views

QuestDB UI's Web Console is Vulnerable to Cross-Site Scripting

A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading t...

5.1CVSS5.6AI score0.00242EPSS
Exploits0References10Affected Software1
OSV
OSV
added 2026/01/10 3:15 p.m.5 views

CVE-2026-0824

A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading t...

5.1CVSS3.6AI score
Exploits0References9
Vulnrichment
Vulnrichment
added 2026/01/10 2:32 p.m.3 views

CVE-2026-0824 questdb ui Web Console cross site scripting

A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading t...

5.1CVSS5.3AI score0.00242EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/01/10 2:32 p.m.27 views

CVE-2026-0824 questdb ui Web Console cross site scripting

A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading t...

5.1CVSS0.00242EPSS
Exploits0References9
CVE
CVE
added 2026/01/10 2:32 p.m.16 views

CVE-2026-0824

CVE-2026-0824 affects QuestDB UI Web Console (up to version 1.11.9). The vulnerability is an XSS in an unknown Web Console function that can be exploited remotely. Public exploits are reported, and a fix is planned for QuestDB 9.3.0 with a patch identified as b42fd9f18476d844ae181a10a249e003dafb8...

5.1CVSS5.3AI score0.00242EPSS
Exploits0References9
EUVD
EUVD
added 2026/01/10 2:32 p.m.6 views

EUVD-2026-1842

A security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks. Upgrading t...

5.1CVSS3.4AI score0.00242EPSS
Exploits0References9
CNNVD
CNNVD
added 2026/01/10 12:0 a.m.3 views

questdb 代码注入漏洞

questdb is QuestDB open source a high-performance, time series database. Code injection vulnerability exists in questdb 1.11.9 and earlier versions , the vulnerability stems from a cross-site scripting vulnerability in the Web Console component , which could lead to cross-site scripting attacks...

5.1CVSS4.4AI score0.00242EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/01/10 12:0 a.m.12 views

PT-2026-2029

Name of the Vulnerable Software and Affected Versions questdb ui versions up to 1.11.9 Description A security flaw exists in the Web Console component of questdb ui, potentially leading to cross-site scripting. The issue is remotely exploitable, and an exploit has been publicly released. The...

5.1CVSS3.7AI score0.00242EPSS
Exploits0References13
GithubExploit
GithubExploit
added 2026/01/09 4:49 p.m.228 views

Exploit for Improper Access Control in Rubyonrails Web_Console

CVE-2015-3...

4.3CVSS7.1AI score0.44984EPSS
Exploits6
RedhatCVE
RedhatCVE
added 2026/01/09 11:35 a.m.8 views

CVE-2021-41878

A reflected cross-site scripting XSS vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console and it is possible to insert a vulnerable malicious button...

6.1CVSS5.8AI score0.09912EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:7 a.m.8 views

CVE-2019-20487

An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the WNR1000V4 web management console are vulnerable to an unauthenticated GET request exploitable directly or through CSRF, as demonstrated by the setup.cgi?todo=savehtpaccount URI...

8.8CVSS7.1AI score0.00457EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:6 a.m.7 views

CVE-2024-34545

Improper input validation in some IntelR RAID Web Console software all versions may allow an authenticated user to potentially enable information disclosure via adjacent access...

5.7CVSS6.3AI score0.00224EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:37 a.m.7 views

CVE-2019-11543

XSS exists in the admin web console in Pulse Secure Pulse Connect Secure PCS 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, and 8.1RX before 8.1R15.1 and Pulse Policy Secure 9.0RX before 9.0R3.2, 5.4RX before 5.4R7.1, and 5.2RX before 5.2R12.1...

8.3CVSS5.9AI score0.0311EPSS
Exploits0References1
Rows per page
Query Builder