Vulnerabilities > Inclusion of Functionality from Untrusted Control Sphere

| DATE | CVE | VULNERABILITY TITLE | RISK |
| --- | --- | --- | --- |
| 2024-04-09 | CVE-2023-49134 | A command execution vulnerability exists in the tddpd enable_test_mode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. | network, high complexity, CWE-829, 8.1 |
| 2024-02-09 | CVE-2024-24821 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Getcomposer Composer. Composer is a dependency manager for the PHP language. | local, low complexity, getcomposer, CWE-829, 7.8 |
| 2024-01-16 | CVE-2022-31021 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Hyperledger Ursa 0.1.0/0.1.1/0.2.0. Ursa is a cryptographic library for use with blockchains. | network, low complexity, hyperledger, CWE-829, 5.3 |
| 2023-12-23 | CVE-2023-6971 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Backupbliss Backup Migration. The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. | network, low complexity, backupbliss, CWE-829, critical, 9.8 |
| 2023-11-03 | CVE-2023-4591 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Wpn-Xm 0.8.6. A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion (LFI) via the /tools/webinterface/index.php?page parameter by sending a GET request. | network, low complexity, wpn-xm, CWE-829, critical, 9.8 |
| 2023-10-30 | CVE-2023-45798 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Yettiesoft Vestcert 2.3.6/2.5.29. In Yettiesoft VestCert versions 2.36 to 2.5.29, a vulnerability exists due to improper validation of third-party modules. | network, low complexity, yettiesoft, CWE-829, critical, 9.8 |
| 2023-10-26 | CVE-2023-33559 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Ocomon Project Ocomon 3.3/4.0. A local file inclusion vulnerability via the lang parameter in OcoMon before v4.0.1 allows attackers to execute arbitrary code by supplying a crafted PHP file. | network, low complexity, ocomon-project, CWE-829, 8.8 |
| 2023-10-20 | CVE-2023-4488 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Hynotech Dropbox Folder Share 1.9.7. The Dropbox Folder Share for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.9.7 via the editor-view.php file. | network, low complexity, hynotech, CWE-829, critical, 9.8 |
| 2023-10-20 | CVE-2023-5523 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in M-Files web Companion 23.8. Execution of downloaded content flaw in M-Files Web Companion before release version 23.10 and LTS Service Release Versions before 23.8 LTS SR1 allows Remote Code Execution. | local, low complexity, m-files, CWE-829, 7.8 |
| 2023-09-14 | CVE-2023-41267 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Airflow Hdfs Provider. In the Apache Airflow HDFS Provider, versions prior to 4.1.1, the documentation pointed users to install an incorrect pip package. | local, low complexity, apache, CWE-829, 7.8 |