A vulnerability, which was classified as problematic, has been found in OnyakTech Comments Pro 3.8. Affected by this issue is an unknown code block of the file CommentsService.ashx of the component POST Request Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to
OnyakTech Comments Pro 3.8 POST Request CommentsService.ashx inadequate encryption
A vulnerability, which was classified as problematic, has been found in OnyakTech Comments Pro 3.8. Affected by this issue is an unknown code block of the file CommentsService.ashx of the component POST Request Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
Common Vulnerabilityies and Exposures
Contact us to get started
CVE-2022-23122 : NETATALK PRIOR 3.1.13 SETFILPARAMS STACK-BASED OVERFLOW
Description This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to
CVE-2023-28102 : DISCORDRB ENCODER.RB FILE OS COMMAND INJECTION
Description discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely
CVE-2022-4126 : ABB RCCMD PRIOR 4.40 230207 HARD-CODED PASSWORD
Description Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and