FUXA v1.2.7 has hard-coded JWT credentials (EPSS 4.8%) that allow attackers to forge authentication tokens and bypass all access controls on the SCADA interface.
AdminPando 1.0.1 by Fikir Odalari has a CVSS 10.0 SQL injection in the login functionality allowing complete authentication bypass and database takeover.
Dokans SaaS e-commerce platform v3.9.2 has a CVSS 10.0 authentication bypass allowing unauthenticated attackers to obtain sensitive application secrets and tenant data.
School ERP Pro 1.0 allows students to upload arbitrary PHP files, enabling remote code execution from a low-privileged student account.
CI4MS (CodeIgniter 4 CMS skeleton) has a code injection vulnerability (CVSS 9.9) allowing authenticated users to execute arbitrary PHP code through the CMS module system.
TOTOLINK A950RG router firmware has a buffer overflow in setUrlFilterRules that allows remote attackers to execute code through the router's management interface.
TOTOLINK A950RG has a third buffer overflow in setRadvdCfg providing yet another RCE vector through the router's IPv6 configuration interface.
CraftCMS 3 vCard Plugin 1.0.0 has an insecure deserialization vulnerability allowing unauthenticated remote code execution through crafted vCard data.
webERP 4.15.1 has an unauthenticated file access vulnerability allowing remote attackers to download sensitive files including configuration and database credentials.
LanSend 3.2 has a buffer overflow in the Add Computers Wizard file import enabling code execution through crafted computer list files.
CloudMe 1.11.2 cloud sync application has a buffer overflow enabling remote code execution through the network sync protocol.
Kede Electronics IoT smart water meter monitoring platform v1.0 has a SQL injection allowing attackers to compromise the industrial monitoring database.
TOTOLINK A950RG has a stack-based buffer overflow in a second endpoint, providing an additional RCE vector through the router's CGI interface.
MediaCrush through version 1.0.1 allows unauthenticated arbitrary file upload without file type restrictions, enabling web shell deployment and remote code execution.
YouDataSum CPAS Audit Management System v4.9 has a SQL injection in the archive report endpoint allowing extraction of audit and compliance data.
Konica Minolta FTP Utility 1.0 has a second buffer overflow in the NLST command, providing an additional RCE vector alongside the LIST vulnerability.
Konica Minolta FTP Utility 1.0 has a buffer overflow in the LIST command allowing remote attackers to execute code on systems running the utility.
Remote Desktop Audit 2.3.0.157 has a buffer overflow enabling code execution through crafted RDP scan responses.
StreamRipper32 2.6 has a buffer overflow in the Station/Song Section allowing remote code execution through crafted audio stream metadata.
GoldWave 5.70 audio editor has a buffer overflow enabling code execution through crafted audio files.
webTareas 2.0.p8 has an arbitrary file deletion vulnerability in the print_layout.php admin component enabling system disruption.
Filetto 1.0 FTP server has a denial of service vulnerability in FEAT command processing causing uncontrolled resource consumption.
FUXA v1.2.7 allows remote code execution through the project import functionality by importing crafted project files containing malicious code.
ASUSTOR ADM has an input validation vulnerability when joining AD Domain that allows unauthenticated attackers to compromise the NAS device.
PEAR PHP framework has a code execution vulnerability through unsafe use of preg_replace() that allows attackers to execute arbitrary PHP code.
PEAR PHP framework has a seventh SQL injection with higher EPSS (0.12%), indicating more active scanning for this particular injection vector.
FUXA v1.2.7 has an unrestricted file upload in the /api/upload endpoint that lacks authentication and file type validation, enabling web shell deployment on SCADA systems.
PEAR PHP framework has another SQL injection vulnerability prior to version 1.33.0, the sixth in a series of critical security flaws in the PHP component distribution system.
PEAR PHP framework prior to 1.33.0 has a fifth SQL injection vulnerability, part of a comprehensive security audit that found multiple injection points across the framework.
PEAR PHP framework has a second SQL injection vulnerability in a different code path, providing an alternate database compromise vector.
PEAR PHP framework prior to 1.33.0 has a SQL injection vulnerability allowing attackers to extract data from the component distribution database.
Fast DDS (eProsima) has a heap buffer overflow in its C++ DDS implementation that allows remote attackers to execute code through crafted DDS protocol messages.
Emit Informatics product has a SQL injection vulnerability allowing unauthenticated database compromise through unsanitized input parameters.
Rapid7 InsightVM before 8.34.0 has a SAML signature verification bypass (CVSS 9.6) allowing attackers to forge authentication assertions and gain unauthorized access.
Qwik JavaScript framework prior to 1.19.0 has a prototype pollution vulnerability that can lead to server-side code execution in SSR applications.
FUXA v1.2.7 SCADA/HMI system has insecure default configuration with security disabled by default, exposing industrial control interfaces without authentication.
ELECOM wireless LAN access point devices have a stack-based buffer overflow that allows remote attackers to execute code or crash the device via crafted packets.
Avation Light Engine Pro exposes its configuration and control interface without any authentication or access control.
MOMA Seismic Station v2.4.2520 exposes its web management interface without authentication, allowing unauthenticated control of seismological monitoring equipment.
PEAR PHP framework prior to 1.33.0 has a logic bug in the roadmap feature allowing unauthorized access through incorrect operator comparison.