Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary com
A security flaw has been discovered in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument
Due to insufficient escaping of the newline character in the “Copy as cURL” feature, an attacker could trick a user into using this command, potentially leading to local code execution on the user's s
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary com
A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulati
Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3
OS command injection (CWE-78) vulnerability in pgAdmin 4 Import/Export query export.
User-supplied input was interpolated directly into a psql \copy metacommand template without sanitization. An auth
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary com
A Improper Control of Generation of Code ('Code Injection') vulnerability in plugin management in iota C.ai Conversational Platform from 1.0.0 through 2.1.3 allows remote authenticated users to perfor
A command injection vulnerability exists in the Infinxt iEdge 100 2.1.32 in the Troubleshoot module "MTR" functionality. The vulnerability is due to improper validation of user-supplied input in the m
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary com
Command injection vulnerability in Nexxt Solutions NCM-X1800 Mesh Router versions UV1.2.7 and below, allowing authenticated attackers to execute arbitrary commands on the device. The vulnerability is
A CRLF injection vulnerability in E-Staff v5.1 allows attackers to insert Carriage Return (CR) and Line Feed (LF) characters into input fields, leading to HTTP response splitting and header manipulati
There is a CSV Injection Vulnerability in some HikCentral Master Lite versions. This could allow an attacker to inject executable commands via malicious CSV data.
An OS command injection vulnerability exists due to insufficient
sanitization of user-supplied input. The application accepts parameters
that are later incorporated into OS commands without adequate
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to execute a command injection attack on the underlying operating system of an affected device. To explo
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800
A high privileged remote attacker can execute arbitrary system commands via POST requests in the send_sms action due to improper neutralization of special elements used in an OS command.
A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the file /goform/stainfo of the component POST Request Handler. This manipulation of the argument inter
MimeKit is a C# library which may be used for the creation and parsing of messages using the Multipurpose Internet Mail Extension (MIME), as defined by numerous IETF specifications. Prior to version 4