映射到 CWE-77,CWE-89 的搜索结果 (4754)

CVE-2016-7076(发布:2018-05-29 09:29:00)NMPS
CVSS7.2

[原文]sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges.

CVE-2018-6410(发布:2018-05-26 18:29:00)NMP
CVSS7.5

[原文]An issue was discovered in Appnitro MachForm before 4.2.3. There is a download.php SQL injection via the q parameter.

CVE-2018-7902(发布:2018-05-24 10:29:00)NM
CVSS4.0

[原文]Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.

CVE-2018-7903(发布:2018-05-24 10:29:00)NM
CVSS4.0

[原文]Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.

CVE-2018-7904(发布:2018-05-24 10:29:00)NM
CVSS4.0

[原文]Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management privilege of the system.

CVE-2018-9019(发布:2018-05-22 16:29:01)NM
CVSS7.5

[原文]SQL Injection vulnerability in Dolibarr before version 7.0.2 allows remote attackers to execute arbitrary SQL commands via the sortfield parameter to /accountancy/admin/accountmodel.php, /accountancy/admin/categories_list.php, /accountancy/admin/journals_list.php, /admin/dict.php, /admin/mails_templates.php, or /admin/website.php.

首页上一页12345678下一页尾页 第2页 / 共793页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站