Command injection in Totolik A7000R firmware (version 4.1cu.4154) via the CloudACManualUpdateUserdata function allows authenticated remote attackers to execute arbitrary commands through a crafted url parameter. Public exploit code exists for this vulnerability and no patch is currently available.
Command injection in Totolik A7000R firmware allows authenticated remote attackers to execute arbitrary commands through the plugin_name parameter in the setUnloadUserData function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires network access and valid credentials but no user interaction.
D-Link DIR-823X routers are vulnerable to remote command injection through the lan_gateway parameter in the /goform/set_mode function, allowing authenticated attackers to execute arbitrary OS commands. Public exploit code is available for this vulnerability, and affected devices are no longer receiving security updates from the vendor. The attack requires network access and valid credentials but has a low CVSS score of 6.3 due to limited impact scope.
SQL injection in jshERP up to version 3.6 allows authenticated remote attackers to manipulate the barCodes parameter in the DepotItem import function, potentially enabling unauthorized data access or modification. Public exploit code exists for this vulnerability, and no patch is currently available. The vendor has not responded to early notification of this issue.
Improper authorization in PHPGurukul Hospital Management System 1.0 allows authenticated attackers to manipulate the Admin Dashboard Page and gain unauthorized access to sensitive functionality. Public exploit code exists for this vulnerability, and no patch is currently available. The network-accessible flaw requires only valid credentials to exploit, enabling attackers to bypass access controls with low complexity.
jshERP versions up to 3.6 contain a path traversal vulnerability in the PluginController's file upload functionality that allows authenticated attackers to read arbitrary files on the server. Public exploit code exists for this vulnerability, and the vendor has not yet released a patch despite being notified of the issue.
SQL injection in Online Music Site 1.0's AdminAddCategory.php allows remote attackers with high privileges to execute arbitrary SQL queries and potentially access or modify sensitive data. Public exploit code exists for this vulnerability, increasing the risk of active exploitation. No patch is currently available.
A vulnerability was identified in D-Link DCS-700L 1.03.09. The affected element is the function uploadmusic of the file /setUploadMusic of the component Music File Upload Service. [CVSS 2.4 LOW]
A vulnerability was identified in rethinkdb versions up to 2.4.3. is affected by cross-site scripting (xss) (CVSS 2.4).
In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. [CVSS 2.9 LOW]