195539 matches found
WordPress plugin Sunshine Photo Cart 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
TOTOLINK CA750-PoE 操作系统命令注入漏洞
The TOTOLINK CA750-PoE is a wireless network access device from China-based TOTOLINK Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK CA750-PoE version 6.2c.510, which originates from an OS command injection in the Setting Handler component of the setPasswordCfg...
PCViewer 路径遍历漏洞
PCViewer is a folder manager from PCViewer, Inc. A path traversal vulnerability exists in PCViewer version vt1000, which stems from directory traversal and could allow an unauthenticated attacker to read arbitrary files by submitting a sequence of relative paths via a GET request...
TOTOLINK CA750-PoE 操作系统命令注入漏洞
The TOTOLINK CA750-PoE is a wireless network access device from China's Gion Electronics TOTOLINK. The Totolink CA750-PoE version 6.2c.510 suffers from an operating system command injection vulnerability that originates from os command injection in the operation of the parameter hosttime in the...
WordPress plugin WP Activity Log 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin WP Search Analytics 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
SocuSoft DVD Photo Slideshow Professional 安全漏洞
SocuSoft DVD Photo Slideshow Professional is an electronic photo album creation software from SocuSoft. A security vulnerability exists in SocuSoft DVD Photo Slideshow Professional version 8.07, which stems from a stack-based buffer overflow in the registered name field that could allow a local...
SocuSoft iPod Photo Slideshow 安全漏洞
SocuSoft iPod Photo Slideshow is a photo album video creation software from SocuSoft. A security vulnerability exists in SocuSoft iPod Photo Slideshow version 8.05, which originates from a buffer overflow in the registration dialog box that could allow a local attacker to execute arbitrary code b...
Edimax BR-6675nD 命令注入漏洞
The Edimax BR-6675nD is a dual-band broadband wireless router from China Xunzhou Edimax. A command injection vulnerability exists in the Edimax BR-6675nD version 1.12, which originates from the POST Request Handler component's manipulation of the parameter command in the file /goform/mp, which...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK A8000RU version 7.1cu.643b20200521, which originates from the operation of the function setIpQosRules on the parameter Comment in the Web Management Interface...
Hackney 安全漏洞
Hackney is a program library from Hackney, Inc. A security vulnerability exists in hackney versions prior to 2.0.0 through 4.0.1, which stems from a failure to strip CRLF sequences in WebSocket upgrade code, which could lead to HTTP request/response splitting...
Dromara Lamp-Cloud 安全漏洞
Dromara Lamp-Cloud is dromara open source based on Jdk11 SpringCloud SpringBoot development of microservices in the backend rapid development platform . Dromara lamp-cloud 5.6.2 and earlier versions of a security vulnerability , the vulnerability stems from the Message Template Handler component ...
Cline Memory Bank 路径遍历漏洞
Cline Memory Bank is a model context protocol server for persistent project context management for AI development by Darren Bennett Personal Developer. A path traversal vulnerability exists in Cline Memory Bank, which stems from the operation of the parameter projectPath of the function...
Softneta MedDream PACS Server Premium SQL注入漏洞
Softneta MedDream PACS Server Premium is a medical image storage and reading platform from Softneta. A SQL injection vulnerability exists in Softneta MedDream PACS Server Premium version 6.7.1.1, which originates from malicious code injection via email parameters and could lead to execution of...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK A8000RU version 7.1cu.643b20200521, which originates from the operation of the parameter enabled of the function setWanCfg in the file /cgi-bin/cstecgi.cgi in...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setWiFiWpsCfg in the file /cgi-bin/cstecgi.cgi of the Web...
Student Management System 安全漏洞
Student Management System is a student management system by the individual developer krishanmurariji. A security vulnerability exists in StudentManagementSystem, which stems from the manipulation of the parameter ID by an unknown function in the file courseDel.php, which could lead to improper...
Softneta MedDream PACS Server Premium 路径遍历漏洞
Softneta MedDream PACS Server Premium is a medical image storage and reading platform from Softneta. A path traversal vulnerability exists in Softneta MedDream PACS Server Premium version 6.7.1.1, which originates from a directory traversal and could allow an unauthenticated attacker to read...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. An OS command injection vulnerability exists in TOTOLINK A8000RU version 7.1cu.643b20200521, which originates from the parameter of the function UploadOpenVpnCert in the file /cgi-bin/cstecgi.cgi in the component We...
StokedOnIt Notebook Pro 安全漏洞
StokedOnIt Notebook Pro is a digital note management software from StokedOnIt. A security vulnerability exists in StokedOnIt Notebook Pro version 2.0, which stems from a denial of service in the notebook name field, which could lead to a local attacker crashing the application by supplying an...
SocuSoft Socusoft 3GP Photo Slideshow 安全漏洞
SocuSoft Socusoft 3GP Photo Slideshow is a mobile photo album creation software from SocuSoft. A security vulnerability exists in Socusoft 3GP Photo Slideshow version 8.05, which stems from a buffer overflow in the registration dialog box that could allow a local attacker to execute arbitrary cod...
WordPress plugin Unlimited Elements For Elementor SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...
WordPress plugin FlexTable 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
Gallagher Command Centre Service 安全漏洞
Gallagher Command Center Service is a security management platform service component of Gallagher New Zealand. A security vulnerability exists in Gallagher Command Centre Service that stems from the insertion of sensitive information into log files, which could lead to the disclosure of service...
SourceCodester Indian Invoicing System 访问控制错误漏洞
SourceCodester Indian Invoicing System is a SourceCodester open source Indian invoicing system. An Access Control Error vulnerability exists in SourceCodester Indian Invoicing System version 1.0, which stems from improper access control of the Backend Endpoint component...
Edimax BR-6478AC 命令注入漏洞
Edimax BR-6478AC is a dual-band Gigabit router from China Xunzhou Edimax. Edimax BR-6478AC version 1.23 suffers from a command injection vulnerability, which originates from the operation of the function formiNICbasic in the file /goform/formiNICbasic in the POST Request Handler component, on the...
Admidio 跨站请求伪造漏洞
Admidio is an open source member management system from the Admidio team. The system supports member lists, event management, guestbooks, photo albums, and downloads. A cross-site request forgery vulnerability exists in Admidio version 3.3.5, which stems from cross-site request forgery and could...
Acer NitroSense 安全漏洞
Acer NitroSense is a gaming device performance management software from Acer Taiwan, China. A security vulnerability exists in versions prior to Acer NitroSense 3.01.3052, which stems from an improperly configured Windows Named Pipe that could cause any local user to execute arbitrary code or...
Tiandy Easy7 Integrated Management Platform 授权问题漏洞
Tiandy Easy7 Integrated Management Platform is a video surveillance integrated management platform from Tiandy, China. An authorization issue vulnerability exists in Tiandy Easy7 Integrated Management Platform version 7.17.0, which originates from the handling of the file...
Edimax EW-7438RPn 安全漏洞
Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Edimax. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the parameter submit-url operation of the function formWpsProxyEnable in the file /goform/formWpsProxyEnable, and may resul...
TCC-TRANSACTION 代码问题漏洞
TCC-TRANSACTION is a distributed transaction solution by the individual developer of changmingxie. TCC-TRANSACTION 2.1.0 and earlier versions have a code issue vulnerability that stems from the operation of the function Fastjson.parseObject in the Fastjson AutoType REST API component, which could...
WordPress plugin Broadcast Live Video 代码注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A code injection...
WordPress plugin Team Showcase 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
TOTOLINK A8000RU 操作系统命令注入漏洞
The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the function setWiFiAdvancedCfg in the Web Management Interface component /cgi-bin/cstecgi.cgi...
WordPress plugin CformsII 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
Edimax EW-7438RPn 安全漏洞
The Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Xunzhou Edimax Corporation. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the parameter submit-url operation of the function formRadius in the file /goform/formRadius, and m...
Edimax BR-6478AC 安全漏洞
Edimax BR-6478AC is a dual-band Gigabit router from China Xunzhou Edimax. A security vulnerability exists in Edimax BR-6478AC version 1.23, which originates from the operation of the function formiNICSiteSurvey in the file /goform/formiNICSiteSurvey in the POST Request Handler...
Code-Projects Employee Management System 代码注入漏洞
Code-Projects Employee Management System is a Code-Projects open source employee management system . Code-Projects Employee Management System version 1.0 suffers from a code injection vulnerability that originates from manipulation of the parameter ID in the file /myprofileup.php, which could lea...
WordPress plugin JetEngine SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injection...
OutSystems Lifetime 安全漏洞
OutSystems Lifetime is a low-code platform management control center from OutSystems USA. A security vulnerability exists in OutSystems Lifetime versions prior to 11.28.2.3955, which stems from the presence of the ApplicationID parameter to bypass authorization via a user control key, which could...
WordPress plugin Autoship Cloud for WooCommerce Subscription Products 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
Edimax EW-7438RPn 安全漏洞
Edimax EW-7438RPn is a wireless signal extender from Taiwan, China-based Edimax. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from a parameter manipulation of the function formWlSiteSurvey in the file /goform/formWlSiteSurvey by the webs component, which...
SourceCodester Indian Invoicing System 代码注入漏洞
SourceCodester Indian Invoicing System is a SourceCodester open source Indian invoicing system. A code injection vulnerability exists in SourceCodester Indian Invoicing System version 1.0, which stems from manipulation of the parameter msg in the file /Invoicing/category.php, and could lead to...
SourceCodester Simple POS and Inventory System SQL注入漏洞
SourceCodester Simple POS and Inventory System is SourceCodester open source a simple POS and inventory system . SourceCodester Simple POS and Inventory System version 1.0 suffers from a SQL injection vulnerability that originates from the manipulation of the parameter Name by an unknown function...
SourceCodester Student Grades Management System 代码注入漏洞
SourceCodester Student Grades Management System is a SourceCodester open source student grades management system . SourceCodester Student Grades Management System version 1.0 has a code injection vulnerability , the vulnerability stems from the operation of the parameter Remarks in the file...
WordPress plugin MyCryptoCheckout 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
Code-Projects Employee Management System SQL注入漏洞
Code-Projects Employee Management System is a Code-Projects open source employee management system . Code-Projects Employee Management System version 1.0 suffers from a SQL injection vulnerability that originates from the manipulation of an unknown function in the /changepassemp.php file, which...
NEC Aterm 安全漏洞
NEC Aterm is a series of wireless routers from Japan Electric NEC. A security vulnerability exists in NEC Aterm that stems from a cross-site scripting issue that could lead to the execution of arbitrary script in the browser of a user accessing the web management interface over an adjacent networ...
Hackney 安全漏洞
Hackney is a program library from Hackney, Inc. A security vulnerability exists in Hackney versions prior to 2.0.0 through 4.0.1, which stems from the accumulation of unsized HTTP/3 response bodies, which could lead to resource exhaustion...
Hackney 安全漏洞
Hackney is a program library from Hackney, Inc. A security vulnerability exists in Hackney versions prior to 2.0.0 to 4.0.1 that stems from the URL parser converting unrecognized URL schemes into permanent BEAM atoms, which could lead to atom table exhaustion and BEAM VM crashes...