Vuldb Updates

A vulnerability identified as critical has been detected in pihome-shc PiHome 1.77. Affected by this issue is some unknown functionality of the file /ajax.php?Ajax=GetModal_MQTTEdit. This manipulation of the argument ID causes sql injection. This vulnerability is tracked as CVE-2025-1184. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability was found in Diebold Nixdorf Vynamic Security Suite up to 3.3.0 SR11/4.0.0 SR03/4.1.0 SR01/4.2.0 and classified as critical. This affects an unknown part. Executing manipulation can lead to improper authorization. This vulnerability is tracked as CVE-2023-24062. The physical device can be targeted for the attack. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability was found in Diebold Nixdorf Vynamic Security Suite up to 3.3.0 SR3. It has been declared as critical. This issue affects some unknown processing of the file /etc/initab of the component Pre-Boot Authorization. The manipulation results in improper authorization. This vulnerability is cataloged as CVE-2023-24064. An attack on the physical device is feasible. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in Connectize AC21000 G6 641.139.1.1256. Impacted is an unknown function. The manipulation results in weak password recovery. This vulnerability is cataloged as CVE-2023-24052. The attack must originate from the local network. There is no exploit available.

A vulnerability described as critical has been identified in Haven. This affects an unknown part of the component Feed Handler. Such manipulation leads to server-side request forgery. This vulnerability is listed as CVE-2023-24060. The attack must be carried out from within the local network. In addition, an exploit is available.

A vulnerability was found in SGI IRIX up to 6.5.6. It has been declared as problematic. This issue affects some unknown processing of the component Performance Copilot. Executing manipulation can lead to information disclosure. This vulnerability appears as CVE-2000-0283. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability was found in CNC Technology BizDB 1.0. It has been rated as critical. Impacted is an unknown function of the file bizdb-search.cgi. The manipulation of the argument dbname leads to improper privilege management. This vulnerability is traded as CVE-2000-0287. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Upgrading the affected component is advised.

A vulnerability classified as critical was found in University of Washington imapd 4.7. Affected by this issue is some unknown functionality of the component LIST Command Handler. The manipulation results in memory corruption. This vulnerability is identified as CVE-2000-0284. The attack can be executed remotely. Additionally, an exploit exists. Upgrading the affected component is advised.

A vulnerability marked as critical has been reported in Linux Kernel 2.2.10/2.2.12/2.2.14. Affected by this vulnerability is an unknown functionality of the component IP Masquerading Handler. Performing manipulation as part of UDP Packet results in improper privilege management. This vulnerability is identified as CVE-2000-0289. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability labeled as problematic has been found in OneOrZero AIMS 2.6.0. This impacts an unknown function of the file index.php. Executing manipulation of the argument controller can lead to path traversal. The identification of this vulnerability is CVE-2010-4835. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability identified as critical has been detected in Insanevisions OneCMS 2.5. Affected is an unknown function of the file index.php. This manipulation of the argument User causes sql injection. This vulnerability is tracked as CVE-2010-0952. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability classified as problematic was found in Dietrich Ayala NuSOAP 0.9.5. The affected element is an unknown function. The manipulation results in cross site scripting. This vulnerability is reported as CVE-2010-3070. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability described as problematic has been identified in Insanevisions OneCMS 2.6.1. Affected is an unknown function of the file index.php. Executing manipulation of the argument view can lead to cross site scripting. This vulnerability is tracked as CVE-2010-4877. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability labeled as critical has been found in Internet-works NUs Newssystem 1.02. This affects an unknown function of the file Nus.php. The manipulation of the argument ID results in sql injection. This vulnerability is identified as CVE-2010-5060. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability, which was classified as critical, has been found in Nuked-Klan Partenaires module 1.5. This vulnerability affects unknown code of the file clic.php. Performing manipulation of the argument ID results in sql injection. This vulnerability is identified as CVE-2010-4925. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability described as critical has been identified in Edmondhui.homeip Np Twitter 0.9. Affected by this vulnerability is an unknown functionality of the file nucleus/plugins/NP_Twitter.php. Such manipulation of the argument DIR_PLUGINS leads to code injection. This vulnerability is uniquely identified as CVE-2010-2314. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability was found in John Bradshaw Np Gallery Plugin 0.94. It has been declared as critical. The impacted element is an unknown function of the file index.php. The manipulation of the argument DIR_NUCLEUS results in code injection. This vulnerability is reported as CVE-2010-5040. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability was found in John Bradshaw Np Gallery Plugin 0.94. It has been rated as critical. This affects an unknown function of the file index.php. This manipulation of the argument ID causes sql injection. This vulnerability appears as CVE-2010-5041. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability was found in Nusoftware nuBuilder up to 10.04.20. It has been classified as problematic. This impacts an unknown function of the file productionnu2/fileuploader.php of the component Uploader. Performing manipulation of the argument dir results in path traversal. This vulnerability is cataloged as CVE-2010-2850. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. Upgrading the affected component is recommended.

A vulnerability was found in NovaBoard 1.1.2. It has been classified as critical. This impacts an unknown function of the file index.php. Performing manipulation of the argument forums[] results in sql injection. This vulnerability is cataloged as CVE-2010-0608. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.