4985 matches found
VulnCheck KEV: CVE-2022-0826
The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users...
VulnCheck KEV: CVE-2021-21479
In SCIMono before 0.0.19, it is possible for an attacker to inject and execute java expression compromising the availability and integrity of the system...
VulnCheck KEV: CVE-2022-0827
The Bestbooks WordPress plugin through 2.6.3 does not sanitise and escape some parameters before using them in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users...
VulnCheck KEV: CVE-2023-42917
Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products...
VulnCheck KEV: CVE-2022-0769
The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL...
VulnCheck KEV: CVE-2021-21389
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in...
VulnCheck KEV: CVE-2021-21307
Lucee Server is a dynamic, Java based JSR-223, tag and scripting language used for rapid web application development. In Lucee Admin before versions 5.3.7.47, 5.3.6.68 or 5.3.5.96 there is an unauthenticated remote code exploit. This is fixed in versions 5.3.7.47, 5.3.6.68 or 5.3.5.96. As a...
VulnCheck KEV: CVE-2021-33564
An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby allows remote attackers to read and write to arbitrary files via a crafted URL when the verifyurl option is disabled. This may lead to code execution. The problem occurs because the generate and process features...
VulnCheck KEV: CVE-2019-20933
InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret aka shared secret...
VulnCheck KEV: CVE-2017-8226
Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices have default credentials that are hardcoded in the firmware and can be extracted by anyone who reverses the firmware to identify them. If the firmware version V2.420.AC00.16.R 9/9/2016 is dissected using binwalk tool, one obtains a...
VulnCheck KEV: CVE-2023-48365
Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software...
VulnCheck KEV: CVE-2023-28770
The sensitive information exposure vulnerability in the CGI “ExportLog” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17ABYO.1C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file...
VulnCheck KEV: CVE-2023-48760
Multiple plugins by Crocoblock for WordPress are vulnerable to an authorization bypass vulnerability...
VulnCheck KEV: CVE-2023-41266
Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted HTTP requests. This anonymous session could allow the attacker to send further requests to unauthorized endpoints...
VulnCheck KEV: CVE-2023-41265
Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server hosting the software...
VulnCheck KEV: CVE-2023-6448
Unitronics Vision Series PLCs and HMIs ship with an insecure default password, which if left unchanged, can allow attackers to execute remote commands...
VulnCheck KEV: CVE-2021-41569
SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library included by default in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro...
VulnCheck KEV: CVE-2022-1390
The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by...
VulnCheck KEV: CVE-2023-1020
The Steveas WP Live Chat Shoutbox WordPress plugin through 1.4.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...
VulnCheck KEV: CVE-2020-19625
Remote Code Execution Vulnerability in tests/support/stores/testgridfilter.php in oria gridx 1.3, allows remote attackers to execute arbitrary code, via crafted value to the $query parameter...
VulnCheck KEV: CVE-2019-11248
The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...
VulnCheck KEV: CVE-2023-0552
The Registration Forms WordPress plugin before 3.8.2.3 does not properly validate the redirection URL when logging in and login out, leading to an Open Redirect vulnerability...
VulnCheck KEV: CVE-2023-34659
jeecg-boot 3.5.0 and 3.5.1 have a SQL injection vulnerability the id parameter of the /jeecg-boot/jmreport/show interface...
VulnCheck KEV: CVE-2023-49103
ownCloud graphapi contains an information disclosure vulnerability that can reveal sensitive data stored in phpinfo via GetPhpInfo.php, including administrative credentials...
VulnCheck KEV: CVE-2022-0784
The Title Experiments Free WordPress plugin before 9.0.1 does not sanitise and escape the id parameter before using it in a SQL statement via the wpextitles AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection...
VulnCheck KEV: CVE-2018-3810
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code via the sgcgoogleanalytic parameter that runs on all pages served by WordPress. The saveGoogleCode function...
VulnCheck KEV: CVE-2019-17503
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL...
VulnCheck KEV: CVE-2022-46381
Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter e.g., to the badging/badgetemplatev0.php component. This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...
VulnCheck KEV: CVE-2018-14918
LOYTEC LGATE-902 6.3.2 devices allow Directory Traversal...
VulnCheck KEV: CVE-2017-15363
Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter...
VulnCheck KEV: CVE-2019-9733
An issue was discovered in JFrog Artifactory 6.7.3. By default, the access-admin account is used to reset the password of the admin account in case an administrator gets locked out from the Artifactory console. This is only allowable from a connection directly from localhost, but providing a...
VulnCheck KEV: CVE-2018-16159
The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the templateid parameter in a wp-admin/admin-ajax.php wpgvdoajaxfronttemplate request...
VulnCheck KEV: CVE-2018-14912
cgitcloneobjects in CGit before 1.2.1 has a directory traversal vulnerability when enable-http-clone=1 is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request...
VulnCheck KEV: CVE-2019-12990
Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 allow Directory Traversal...
VulnCheck KEV: CVE-2018-19365
The REST API in Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request...
VulnCheck KEV: CVE-2018-15138
Ericsson-LG iPECS NMS 30M allows directory traversal via ipecs-cm/download?filename=../ URIs...
VulnCheck KEV: CVE-2018-12031
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/nodeupgradesrv.js directory traversal with the firmware parameter in a downloadFirmware action...
VulnCheck KEV: CVE-2018-11409
Splunk through 7.0.1 allows information disclosure by appending raw/services/server/info/server-info?outputmode=json to a query, as demonstrated by discovering a license key...
VulnCheck KEV: CVE-2018-11222
Local File Inclusion LFI in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandoraconsole/ajax.php ajax endpoint...
VulnCheck KEV: CVE-2019-12276
A Path Traversal vulnerability in Controllers/LetsEncryptController.cs in LetsEncryptController in GrandNode 4.40 allows remote, unauthenticated attackers to retrieve arbitrary files on the web server via specially crafted LetsEncrypt/Index?fileName= HTTP requests. A patch for this issue was made...
VulnCheck KEV: CVE-2019-12593
IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal...
VulnCheck KEV: CVE-2022-28005
An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server via /Electron/download directory traversal in conjunction with a path component that uses...
VulnCheck KEV: CVE-2023-3836
A vulnerability classified as critical was found in Dahua Smart Park Management up to 20230713. This vulnerability affects unknown code of the file /emap/devicePointaddImgIco?hasSubsystem=true. The manipulation of the argument upload leads to unrestricted upload. The attack can be initiated...
VulnCheck KEV: CVE-2023-29919
SolarView Compact = 6.0 is vulnerable to Insecure Permissions. Any file on the server can be read or modified because texteditor.php is not restricted...
VulnCheck KEV: CVE-2020-11991
When using the StreamGenerator, the code parse a user-provided XML. A specially crafted XML, including external system entities, could be used to access any file on the server system...
VulnCheck KEV: CVE-2022-22242
A Cross-site Scripting XSS vulnerability in the J-Web component of Juniper Networks Junos OS allows an unauthenticated attacker to run malicious scripts reflected off of J-Web to the victim's browser in the context of their session within J-Web. This issue affects Juniper Networks Junos OS...
VulnCheck KEV: CVE-2022-45933
KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side...
VulnCheck KEV: CVE-2021-30168
The sensitive information of webcam device is not properly protected. Remote attackers can unauthentically grant administrator’s credential and further control the devices...
VulnCheck KEV: CVE-2020-17518
Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be written to any location accessible by Flink 1.5.1. All users should upgrade to Flink 1.11.3 or...
VulnCheck KEV: CVE-2020-11455
LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php...