Lucene search
K
Cym1102Nginxwebui

6 matches found

CVE
CVE
added 2024/04/13 5:31 p.m.76 views

CVE-2024-3738

CVE-2024-3738 affects cym1102 nginxWebUI up to version 3.9.9. The vulnerability lies in the handlePath function of /adminPage/conf/saveCmd, where manipulating the nginxPath argument leads to improper certificate validation. The issue enables remote exploitation and the exploit has been disclosed ...

9.8CVSS6.9AI score0.00517EPSS
Web
CVE
CVE
added 2024/04/13 8:31 p.m.76 views

CVE-2024-3740

The CVE-2024-3740 entry affects cym1102 nginxWebUI up to version 3.9.9. The issue resides in the exec function of /adminPage/conf/reload, where deserialization is triggered by manipulating the nginxExe argument, enabling potential remote code execution. The vulnerability details are supported by ...

9.8CVSS6.8AI score0.00815EPSS
Web
CVE
CVE
added 2024/04/13 6:31 p.m.73 views

CVE-2024-3739

The CVE-2024-3739 entry concerns cym1102 nginxWebUI up to 3.9.9. Affects unknown code in /adminPage/main/upload; manipulating the file parameter triggers OS command injection. Exploitation is remote and the vulnerability has been publicly disclosed. Multiple sources (NVD/NVD-derived, Red Hat, CNV...

9.8CVSS7.6AI score0.02891EPSS
Web
CVE
CVE
added 2024/04/13 2:0 p.m.59 views

CVE-2024-3736

CVE-2024-3736 affects cym1102 nginxWebUI up to version 3.9.9. The vulnerability resides in the upload function of /adminPage/main/upload, enabling unrestricted file upload. This can be exploited remotely and the exploit has been disclosed publicly. Impact is high on availability (per CVSS) with n...

7.5CVSS6.9AI score0.00918EPSS
CVE
CVE
added 2024/04/13 4:31 p.m.57 views

CVE-2024-3737

CVE-2024-3737 affects cym1102 nginxWebUI up to 3.9.9. The vulnerability is a path traversal in the function findCountByQuery in /adminPage/www/addOver, triggered by manipulation of the dir argument. The issue can be exploited remotely and had publicly disclosed exploits. Affected versions: up to ...

9.8CVSS6.8AI score0.009EPSS
Web
CVE
CVE
added 2026/02/08 9:2 a.m.25 views

CVE-2026-2145

CVE-2026-2145 affects cym1102 nginxWebUI up to version 4.3.7. The vulnerability lies in an unknown function handling the nginxDir argument in the /adminPage/conf/check component of the Web Management Interface, enabling remote cross-site scripting (XSS). Public exploits exist. Proof-of-concept ex...

5.4CVSS3.4AI score0.00264EPSS
Web