CVE-2022-26627

Online Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file.

Source: CVE-2022-26627

CVE-2022-25339

ownCloud owncloud/android 2.20 has Incorrect Access Control for local attackers.

Source: CVE-2022-25339

CVE-2022-25338

ownCloud owncloud/android before 2.20 has Incorrect Access Control for physically proximate attackers.

Source: CVE-2022-25338

CVE-2021-46419

An unauthorized file deletion vulnerability in Telesquare TLR-2855KS6 via DELETE method can allow deletion of system files and scripts.

Source: CVE-2021-46419

CVE-2021-46418

An unauthorized file creation vulnerability in Telesquare TLR-2855KS6 via PUT method can allow creation of CGI scripts.

Source: CVE-2021-46418

CVE-2022-23900

A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3.V5030.201204, allows an attacker to achieve unauthorized remote code execution via a malicious POST request through /cgi-bin/adm.cgi.

Source: CVE-2022-23900

CVE-2021-46416

Insecure direct object reference in SUNNY TRIPOWER 5.0 Firmware version 3.10.16.R leads to unauthorized user groups accessing due to insecure cookie handling.

Source: CVE-2021-46416

CVE-2021-46417

Insecure handling of a download function leads to disclosure of internal files due to path traversal with root privileges in Franklin Fueling Systems Colibri Controller Module 1.8.19.8580.

Source: CVE-2021-46417

CVE-2020-27374

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to BP Monitoring.

Source: CVE-2020-27374

CVE-2020-27376

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication.

Source: CVE-2020-27376