Vivotek FD8136 devices allow Remote Command Injection, related to BusyBox and wget.
TYPO3 8.x through 8.7.26 and 9.x through 9.5.7 allows Deserialization of Untrusted Data. Trape through has SQL injection via the data variable in core/db.py, as demonstrated by the /bs t parameter. it allows SQL Injection via container_id and old_order parameters to ajax/reorder.php by an unauthenticated user. The current version, without this backdoor, is 0.0.6.Īn issue was discovered in the Teclib Fields plugin through 1.9.2 for GLPI. The strong_password gem 0.0.7 for Ruby, as distributed on, included a code-execution backdoor inserted by a third party. Strong_password_project - strong_password Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe().
BETTERZIP 3.1.2 KEY CODE
There is a SQL injection vulnerability via a /news/*.html page.Ī use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. AZ Admin 1.0 has news_det.php?cod= SQL Injection.Īn issue was discovered in Hsycms V1.1. Versions: Android-8.0 Android-8.1 Android-9. User interaction is not needed for exploitation. This could lead to local code execution with no additional execution privileges needed. In several functions of, there is possible memory corruption due to a use after free. This could lead to remote code execution in the netd server with no additional execution privileges needed. In loop of DnsTlsSocket.cpp, there is a possible heap memory corruption due to a use after free. User interaction is needed for exploitation. This could lead to remote code execution with no additional execution privileges needed. In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a possible out of bounds write due to an incorrect bounds check. In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out of bounds write due to a missing bounds check. In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bounds write due to a missing bounds check. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the Type field to SetWanSettings.ĭynacolor FCM-MB40 v1.2.0.0 devices allow remote attackers to execute arbitrary commands via a crafted parameter to a CGI script, as demonstrated by sed injection in cgi-bin/camctrl_save_profile.cgi (save parameter) and cgi-bin/ddns.cgi. There is a command injection in HNAP1 (exploitable with Authentication) via shell metacharacters in the MTU field to SetWanSettings.Īn issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. The vulnerability does not need any authentication.ĭ-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers to execute arbitrary commands via shell metacharacters in the online_firmware_check.cgi check_fw_url parameter.Īn issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. Input does not get validated and arbitrary SQL statements can be executed in the database via the /web/Public/Conn.php parameter dbSQL.Ī SQL Injection was discovered in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 in with the index.php/Pay/passcodeAuth parameter passcode.
BETTERZIP 3.1.2 KEY PASSWORD
web/Lib/Action/ in D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication.Īn issue was discovered in the D-Link Central WiFi Manager CWM(100) before v1.03R0100_BETA6.
0 kommentar(er)
