Export limit exceeded: 363618 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (363618 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-58453 | 1 Jaiotlink | 1 C492a-w6 Wi-fi Ip Camera | 2026-07-06 | 9.8 Critical |
| JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anyka_ipc HTTP service on port 80. Attackers can authenticate with these hardcoded credentials to access camera snapshots, video streams, network configuration, and factory-level API endpoints including the SetMAC command injection surface. | ||||
| CVE-2026-58454 | 1 Jaiotlink | 1 C492a-w6 Wi-fi Ip Camera | 2026-07-06 | 7.5 High |
| JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a remote code execution vulnerability that allows authenticated attackers to execute arbitrary shell scripts by writing to the writable persistent JFFS2 storage path and triggering execution through the authenticated HTTP endpoint. Attackers can stage a malicious script in the writable persistent storage and request the config endpoint to invoke it via popen(), achieving persistent remote code execution that survives device reboots. | ||||
| CVE-2026-13211 | 1 Genua | 1 Genucenter | 2026-07-06 | 4.3 Medium |
| The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role. | ||||
| CVE-2026-34096 | 1 Guardian | 1 Language-system | 2026-07-06 | 4.6 Medium |
| Guardian language-system fails to sanitize the name GET parameter before outputting it into an HTML input value attribute in designer.php (line 57). An authenticated attacker can craft a URL containing script tags that execute in the victim's browser session. | ||||
| CVE-2026-34097 | 1 Guardian | 1 Language-system | 2026-07-06 | 4.6 Medium |
| Guardian language-system fails to sanitize the id GET parameter before inserting it into multiple HTML form action attributes in text_file.php (lines 94, 101, 323, 403, 826, 852). An authenticated attacker can craft a URL that injects script tags executing in the victim's browser session. | ||||
| CVE-2026-34098 | 1 Guardian | 1 Language-system | 2026-07-06 | 4.6 Medium |
| Guardian language-system fails to sanitize the id GET parameter before inserting it into HTML source and form action attributes in media.php (lines 119, 129). An authenticated attacker can craft a URL that injects script tags executing in the victim's browser session. | ||||
| CVE-2026-34099 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in job_info.php (line 16): SELECT * FROM jobs where id = '\".$_GET['id'].\"'. No authentication is required. An unauthenticated attacker can perform error-based SQL injection to extract the database version, current user, schema names, and table contents. | ||||
| CVE-2026-34100 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in media.php (line 17): SELECT id, filename, extension, type, duration, owner, private FROM files where id = '\".$_GET['id'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents. | ||||
| CVE-2026-34101 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in text_file.php (line 17): SELECT id, filename, extension, type, duration, owner, private FROM files where id = '\".$_GET['id'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents. | ||||
| CVE-2026-34102 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in job_info_get.php (line 16): SELECT * FROM jobs where input1 = '\".$_GET['id'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents. | ||||
| CVE-2026-34103 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in subtitles.php (line 16): SELECT id, filename, extension, type FROM files where id = '\".$_GET['id'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents. | ||||
| CVE-2026-34104 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the name GET parameter directly into an unsanitized SQL query in designer.php (line 124): SELECT * FROM complex WHERE name='\".$_GET['name'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents. | ||||
| CVE-2026-34105 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in translate_text.php (line 15): SELECT id, filename, extension, type FROM files where id = '\".$_GET['id'].\"'. An authenticated attacker can perform error-based SQL injection to extract database contents. | ||||
| CVE-2026-34106 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into a PHP exec() call in subtitles.php (line 19) without sanitization: exec(\"php jobs/subtitle_rendering.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to the id parameter to execute arbitrary OS commands on the server. | ||||
| CVE-2026-34107 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into a PHP exec() call in translate.php (line 14) without sanitization: exec(\"php jobs/translate.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server. | ||||
| CVE-2026-34108 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into a PHP exec() call in text.php (line 15) without sanitization: exec(\"php jobs/text.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server. | ||||
| CVE-2026-34109 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into a PHP exec() call in speech.php (line 18) without sanitization: exec(\"php jobs/speech_audio.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server. | ||||
| CVE-2026-34110 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into a PHP exec() call in complex_start.php (line 14) without sanitization: exec(\"php jobs/complex.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server. | ||||
| CVE-2026-34111 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into a PHP exec() call in speechmac_text.php (line 18) without sanitization: exec(\"php jobs/speech_audio_mac_text.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server. | ||||
| CVE-2026-34112 | 1 Guardian | 1 Language-system | 2026-07-06 | 9.8 Critical |
| Guardian language-system passes the id GET parameter directly into a PHP exec() call in speechmac.php (line 18) without sanitization: exec(\"php jobs/speech_audio_mac.php \".$login_session.\" \".$_GET['id'].\" ...\"). No authentication is required. An unauthenticated remote attacker can append shell metacharacters to execute arbitrary OS commands on the server. | ||||