| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ServerManagement master branch as of commit 49491cc6f94980e6be7791d17be947c27071eb56 is affected by a directory traversal vulnerability. This vulnerability can be used to extract credentials which can in turn be used to execute code. |
| AlquistManager branch as of commit 280d99f43b11378212652e75f6f3159cde9c1d36 is affected by a directory traversal vulnerability. This attack can cause the disclosure of critical secrets stored anywhere on the system andcan significantly aid in getting remote code access. |
| A Remote Code Execution (RCE) vulnerability exists in Simple Client Management System 1.0 in create.php due to the failure to validate the extension of the file being sent in a request. |
| An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuraiton without authentication. |
| An SQL Injection vulnerability exists in Webtareas 2.4p3 and earlier via the $uq HTTP POST parameter in editapprovalstage.php. |
| A Remote Code Execution (RCE) vulnerability exists in The-Secretary 2.5 via install.php. |
| A vulnerability exists in Hoosk 1.8.0 in /install/index.php, due to a failure to check if config.php already exists in the root directory, which could let a malicious user reinstall the website. |
| An Access Control vulnerability exists in D-Link DIR-823G REVA1 1.02B05 (Lastest) via any parameter in the HNAP1 function |
| In Canon LBP223 printers, the System Manager Mode login does not require an account password or PIN. An attacker can remotely shut down the device after entering the background, creating a denial of service vulnerability. |
| VINGA WR-N300U 77.102.1.4853 is affected by a command execution vulnerability in the goahead component. |
| In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution. |
| A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through eval(). |
| An Unquoted Service Path vulnerability exists in Ext2Fsd v0.68 via a specially crafted file in the Ext2Srv Service executable service path. |
| A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the username parameter. |
| Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the servername parameter. |
| An Unquoted Service Path vulnerability exists in System Explorer 7.0.0 via via a specially crafted file in the SystemExplorerHelpService service executable path. |
| A Cross Site Scripting (XSS) vulnerability exists in Rumble Mail Server 0.51.3135 via the (1) domain and (2) path parameters. |
| An Unquoted Service Path vulnerability exits in Vembu BDR 4.2.0.1 via a specially crafted file in the (1) hsflowd, (2) VembuBDR360Agent, or (3) VembuOffice365Agent service paths. |
| An Unquoted Service Path vulnerability exists in bVPN 2.5.1 via a specially crafted file in the waselvpnserv service path. |
| An Unquoted Service Path vulnerablility exists in Rumble Mail Server 0.51.3135 via via a specially crafted file in the RumbleService executable service path. |