SQL Injection vulnerability found in Kirin Fortress Machine v.1.7-2020-0610 allows attackers to execute arbitrary code via the /admin.php?controller=admin_commonuser...
9.8CVSS
9.8AI Score
0.002EPSS
By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and...
7.5CVSS
7.2AI Score
0.008EPSS
Pragma FortressSSH 5.0 Build 4 Revision 293 and earlier handles long input to sshd.exe by creating an error-message window and waiting for the administrator to click in this window before terminating the sshd.exe process, which allows remote attackers to cause a denial of service (connection slot.....
6.6AI Score
0.028EPSS