![]() An unauthenticated attacker can extract a valid uuid to bypass authentication.Īn issue was discovered in the sys-info crate before 0.8.0 for Rust. ![]() Roxy-WI through 5.2.2.0 allows SQL Injection via check_login. RConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function without being escaped. In ProLink PRC2402M V1.0.18 and older, the set_ledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff contains a trivial command injection where the value of the led_cmd parameter is passed directly to do_system. In ProLink PRC2402M V1.0.18 and older, the set_TR069 function in the adm.cgi binary, accessible with a page parameter value of TR069 contains a trivial command injection where the value of the TR069_local_port parameter is passed directly to system. In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD contains a trivial command injection where the value of the command parameter is passed directly to system. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, or execute SQL statements that alter or delete database elements, via crafted strings sent to unique MOVEit Transfer transaction types. In certain Progress MOVEit Transfer versions before 2021.0.4 (aka 13.0.4), SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to gain access to the database. Obsidian before 0.12.12 does not require user confirmation for non-http/https URLs. In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization. ![]() In JetBrains Hub before 209, account takeover was possible during password reset. The Amica Prodigy's executable "" has incorrect permissions, allowing a local unprivileged user to replace it with a malicious file that will be executed with "LocalSystem" privileges.Īn arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code. It allows writing to arbitrary files because the extractPages pathname is not validated.Ī vulnerability was found in CIR 2000 / Gestionale Amica Prodigy v1.7. It allows writing to arbitrary files because a CombineFiles pathname is not validated.Īn issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows SQL Injection via crafted data at the end of a string.įoxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion.Īn issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format.Īn issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. A successful exploit could allow the attacker to remotely execute arbitrary code on a target system.Īn issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. An attacker could exploit this vulnerability by sending a crafted HTTP request an affected program. This vulnerability is due to insufficient validation of the authorization certificate. The ping_ipaddr parameter in ping_response.cgi POST request allows an attacker to crash the webserver and might even gain remote code execution.Ī vulnerability in PKI Security Solution of Dream Security could allow arbitrary command execution. A remote authenticated malicious user with high privileges may potentially exploit this vulnerability to execute arbitrary OS commands.Ī buffer overflow in D-Link DIR-615 C2 3.03WW. A remote unauthenticated attacker may potentially exploit this vulnerability to hijack an elevated session or perform unauthorized actions by sending malformed data.ĭell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. SQL Injection Vulnerability in Care2x Open Source Hospital Information Management 2.7 Alpha via the (1) pday, (2) pmonth, and (3) pyear parameters in GET requests sent to /modules/nursing/nursing-station.php.ĭell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability. There is a drop of uninitialized memory in Matrix::new().Ĭare2x - hospital_information_management_system An issue was discovered in the alg_ds crate through for Rust.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |