420 matches found
Advantech WISE-IoTSuite/SaaS - SQL Injection
Advantech WISE-IoTSuite/SaaS Composer suffers from an unauthenticated SQL Injection vulnerability due to the unsafe use of the filename parameter within the URL path in PostgreSQL queries. Remote attackers can exploit this flaw by injecting SQL code such as the use of pgsleep for time delays to...
CVE-2016-20093
Wise Care 365 4.27 and Wise Disk Cleaner 9.29 contain unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service respectively, allowing local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that...
CVE-2016-20093
CVE-2016-20093 affects Wise Care 365 v4.27 and Wise Disk Cleaner v9.29, with unquoted service paths in the WiseBootAssistant and SpyHunter 4 Service. The underlying issue is an unquoted service path, enabling local attackers to execute arbitrary code with SYSTEM privileges by placing a malicious ...
CVE-2016-20093 Wise Care 365 4.27 and Wise Disk Cleaner 9.29 Unquoted Service Path Privilege Escalation
Wise Care 365 4.27 and Wise Disk Cleaner 9.29 contain unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service respectively, allowing local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that...
CVE-2016-20093
Wise Care 365 4.27 and Wise Disk Cleaner 9.29 contain unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service respectively, allowing local users to execute arbitrary code with SYSTEM privileges. Attackers can insert malicious executables in the system root path that...
PT-2026-50911
Name of the Vulnerable Software and Affected Versions Wise Care 365 version 4.27 Wise Disk Cleaner version 9.29 Description An unquoted service path issue exists in the WiseBootAssistant and SpyHunter 4 Service. This allows local users to execute arbitrary code with SYSTEM privileges by placing...
filecc (>=0.0.1 <=1.0.1), gm-i18n-migrate (>=2.7.0 <=2.9.0) +3 more potentially affected by unknown CVE via opencc (>=1.0.6 <=1.1.3)
opencc NPM version =1.0.6, =0.0.1, =2.7.0, =2.7.2, =1.0.2, =1.0.5 - wise-paas-notify-utility =1.4.10-s2t1 Source cves: unknown CVE Source advisory: OSV:GHSA-7FQQ-Q52P-2JJG...
CVE-2025-66680
An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request...
CVE-2025-66680
An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request...
CVE-2025-66680
CVE-2025-66680 concerns WiseCleaner Wise Force Deleter prior to 7.3.2, due to a flaw in the WiseDelfile64.sys driver that can allow an attacker to delete arbitrary files via a crafted request. Documents consistently name WiseDelfile64.sys as the vulnerable component and Wise Force Deleter 7.3.2 a...
EUVD-2025-208237
An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request...
WiseCleaner Wise Force Deleter 安全漏洞
WiseCleaner Wise Force Deleter is a file deletion tool developed by the WiseCleaner company. Versions of WiseCleaner Wise Force Deleter prior to 7.3.2 contained security vulnerabilities. These vulnerabilities stemmed from defects in the WiseDelfile64.sys component, which could allow attackers to...
CVE-2025-66680
An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request...
CVE-2025-66680
An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request...
CVE-2025-66680
An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request...
PT-2026-22747
An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request...
Advantech WISE-6610 OS Command Injection Vulnerability
Advantech WISE-6610 is a core gateway device from Advantech, Taiwan, China. The Advantech WISE-6610 suffers from an operating system command injection vulnerability that originates from a misuse of the parameter deletefile in the file /cgi-bin/luci/admin/openvpnapply, which can be exploited by an...
Exploit for CVE-2026-2670
exploit-CVE-2026-2670 CVE-2026-2670 – Advantech WISE-6610...
Exploit for CVE-2026-2670
exploit-CVE-2026-2670 CVE-2026-2670 – Advantech WISE-6610...
CVE-2026-2670
A vulnerability was identified in Advantech WISE-6610 1.2.120251110. Affected is an unknown function of the file /cgi-bin/luci/admin/openvpnapply of the component Background Management. Such manipulation of the argument deletefile leads to os command injection. The attack can be executed remotely...