Page 18 of 42152 results (0.047 seconds)

CVSS: 4.8EPSS: 0%CPEs: -EXPL: 0

An HTML injection vulnerability in Sunbird DCIM dcTrack 9.1.2 allows attackers authenticated as administrators to inject arbitrary HTML code in an admin screen. • http://dctrack.com https://s3.us-east-1.amazonaws.com/dcTrack.Docs/dcTrack_9.2.0_GA/dcTrack_9.2.0_Release_Notes.pdf • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in the background management system, which can be used by an attacker to implement RCE. • https://getsimple-ce.ovh https://tasteful-stamp-da4.notion.site/CVE-2024-55085-15b1e0f227cb80a5aee6faeb820bf7e6 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0

These are executed, leading to Remote Code Execution. • https://servicedesk.logpoint.com/hc/en-us/articles/22137632418845-Remote-Code-Execution-while-creating-Universal-Normalizer • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0

These are executed when the backup process is initiated, leading to Remote Code Execution. • https://servicedesk.logpoint.com/hc/en-us/articles/22136886421277-Remote-Code-Execution-while-creating-Report-Templates • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

An issue was discovered in FastNetMon Community Edition through 1.2.7. The sFlow v5 plugin allows remote attackers to cause a denial of service (application crash) via a crafted packet that specifies many sFlow samples. • https://github.com/pavel-odintsov/fastnetmon/commit/5164a29603fff9dd445b7660a35090989f005000 https://github.com/pavel-odintsov/fastnetmon/commit/65c40ee92dd5bcad1ab52cbafa1afd62cf669e48 • CWE-94: Improper Control of Generation of Code ('Code Injection') •