License serial abledating
An issue was discovered in Leptonica through 1.75.3.
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.The POST parameters are j_idt118, j_idt120, j_idt122, j_idt124, j_idt126, j_idt128, and j_idt130 under formulario Gestionar Secciones:tabla Secciones Mib:*:filter. OS command injection vulnerability in (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.In some cases, the authentication requirement for the attack can be met by sending the default admin credentials.SQL injection vulnerability in the management interface in e Portal Manager in Unisys Clear Path MCP OS systems with 17.0 CLEARPATHEPORTAL before 17.0a.31 and 18.0 CLEARPATHEPORTAL before 059.1a.13; and Clear Path OS 2200 systems with 16.0 EPORTAL-2200 before 2.2.81 and 17.0 EPORTAL-2200 before 2.3.82 allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the upload Telemetry and get Logs functions in because URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.