CVE-2025-15008

A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/L7Port of the component HTTP Request Handler. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now publ...

CVE-2025-15008 Tenda WH450 HTTP Request L7Port stack-based overflow

A vulnerability was detected in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/L7Port of the component HTTP Request Handler. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now publ...

CVE-2016-15008

A vulnerability was found in oxguy3 coebot-www and classified as problematic. This issue affects the function displayChannelCommands/displayChannelQuotes/displayChannelAutoreplies/showChannelHighlights/showChannelBoir of the file js/channel.js. The manipulation leads to cross site scripting. The...

CVE-2017-15008

PRTG Network Monitor version 17.3.33.2830 is vulnerable to stored Cross-Site Scripting on all sensor titles, related to incorrect error handling for a %00 in the SRC attribute of an IMG element...

CVE-2019-15008

creationtimestamp| type| source ---|---|--- 2024-03-10 12:41:43+00:00| seen| https://t.me/ctinow/204235...

CVE-2016-15008

CVE-2016-15008 affects the oxguy3 coebot-www project, specifically the functions displayChannelCommands, displayChannelQuotes, displayChannelAutoreplies, showChannelHighlights, and showChannelBoir in js/channel.js. The issue permits cross-site scripting and can be triggered remotely via the affec...

CVE-2020-15008

creationtimestamp| type| source ---|---|--- 2020-07-08 00:55:18+00:00| seen| https://t.me/cibsecurity/13313...

CVE-2020-15008

A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate server side validation. As the code creates dynamic SQL for the insert statement and utilizes the user...

CVE-2020-15008

Summary: CVE-2020-15008 affects ConnectWise Automate prior to 2020.7 and the 2019.12 hotfix, where the probe code contains a SQL injection flaw in the data insertion path. The vulnerability arises from dynamic SQL construction that uses a user-supplied table name with minimal validation, enabling...

CVE-2019-15008

CVE-2019-15008 affects Atlassian FishEye and Crucible (pre-4.7.3). The /plugins/servlet/branchreview resource is vulnerable to cross-site scripting via the reviewedBranch parameter, allowing remote attackers to inject arbitrary HTML/JavaScript. Impact is XSS in affected web sessions; exploitation...

CVE-2017-15008

CVE-2017-15008 affects PRTG Network Monitor version 17.3.33.2830. The issue is a stored Cross-Site Scripting vulnerability in sensor titles caused by incorrect error handling for a %00 in the SRC attribute of an IMG element. This could allow an attacker to inject script or HTML when malicious dat...