Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included in log entries without restrictions.

CVSS: 7.5 · CWE: CWE-125

View on NVD

WoodWing Elvis DAM v6.98.1 was discovered to contain an authenticated remote command execution (RCE) vulnerability via the Apache Ant script functionality.

CVSS: 8.8 · CWE: CWE-75

View on NVD

sofa-hessian is an internal improved version of Hessian3/4 powered by Ant Group CO., Ltd. The SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But there is a gadget chain that can bypass the SOFA Hessian blacklist protection mechanism, and this gadget chain only relies on JDK and does not rely on any third-party…

CVSS: 9.8 · CWE: CWE-74

View on NVD

Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 through 2.8.2 allows any unprivileged operating system user account to escalate privileges to the root user account on the system. This vulnerability arises from Ant Media Server running with Java Management Extensions (JMX) enabled and authentication disabled on localhost o…

CVSS: 7.8 · CWE: CWE-862

View on NVD

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digital Ant E-Commerce Software allows SQL Injection. This issue affects E-Commerce Software: before 11.

CVSS: 9.8 · CWE: CWE-89

View on NVD

SEMCMS v1.5 was discovered to contain a SQL injection vulnerability via the id parameter at /Ant_Suxin.php.

CVSS: 9.8 · CWE: CWE-89

View on NVD

The `Toybox.Ant.BurstPayload.add` API method in CIQ API version 2.2.0 through 4.1.7 suffers from a type confusion vulnreability, which can result in an out-of-bounds write operation. A malicious application could create a specially crafted `Toybox.Ant.BurstPayload` object, call its `add` method, override arbitrary memory and hijack the execution of the device's firmware.

CVSS: 9.8 · CWE: CWE-787

View on NVD

The `Toybox.Ant.GenericChannel.enableEncryption` API method in CIQ API version 3.2.0 through 4.1.7 does not validate its parameter, which can result in buffer overflows when copying various attributes. A malicious application could call the API method with specially crafted object and hijack the execution of the device's firmware.

CVSS: 9.8 · CWE: CWE-120

View on NVD

There is a command injection vulnerability in the Linksys E2000 router with firmware version 1.0.06. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ssid, wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges.

CVSS: 7.2 · CWE: CWE-77

View on NVD

There is a command injection vulnerability in the Linksys WRT54GL router with firmware version 4.30.18.006. If an attacker gains web management privileges, they can inject commands into the post request parameters wl_ant, wl_rate, WL_atten_ctl, ttcp_num, ttcp_size in the httpd s Start_EPI() function, thereby gaining shell privileges.

CVSS: 7.2 · CWE: CWE-77

View on NVD

SEMCMS 1.5 is vulnerable to SQL Injection via Ant_Rponse.php.

CVSS: 9.8 · CWE: CWE-89

View on NVD

When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. Both Shiro and Spring Boot < 2.6 default to Ant style pattern matching. Mitigation: Update to Apache Shiro 1.11.0, or set the following Spring Boot co…

CVSS: 7.5 · CWE: CWE-436

View on NVD

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_BlogCat.php.

CVSS: 9.8 · CWE: CWE-89

View on NVD

SEMCMS SHOP v 1.1 is vulnerable to SQL via Ant_Message.php.

CVSS: 9.8 · CWE: CWE-89

View on NVD

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Zekou.php.

CVSS: 9.8 · CWE: CWE-89

View on NVD

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Info.php.

CVSS: 9.8 · CWE: CWE-89

View on NVD

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Plist.php.

CVSS: 9.8 · CWE: CWE-89

View on NVD

SEMCMS v 1.1 is vulnerable to SQL Injection via Ant_Pro.php.

CVSS: 9.8 · CWE: CWE-89

View on NVD

SEMCMS Shop V 1.1 is vulnerable to SQL Injection via Ant_Global.php.

CVSS: 9.8 · CWE: CWE-89

View on NVD

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Menu.php.

CVSS: 9.8 · CWE: CWE-89

View on NVD

As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the effort. This would still allow an attacker to inject modified source files into the build process.

CVSS: 7.5 · CWE: CWE-379

View on NVD

There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312). This would allow an attacker to submit authenticated requests when an authenticated user browses an attacker-controlled domain.

CVSS: 8.8 · CWE: CWE-352

View on NVD

SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter.

CVSS: 7.5 · CWE: CWE-89

View on NVD

Unspecified vulnerability in the Administrative Scripting Tools (such as wsadmin or ANT) in IBM WebSphere Application Server 5.x and 6.0.x has unknown impact and attack vectors.

CVSS: 10.0 · CWE: N/A

View on NVD

Format string vulnerability in CA Integrated Threat Management (ITM), eTrust Antivirus (eAV), and eTrust PestPatrol (ePP) r8 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a scan job with format strings in the description field.

CVSS: 7.5 · CWE: N/A

View on NVD