CVE-2024-33832

OneNav v0.9.35-20240318 was discovered to contain a Server-Side Request Forgery SSRF via the component /index.php?c=api&method=getlinkinfo...

OneNav 安全漏洞

OneNav is a minimalist navigation/bookmark management system developed using PHP. A security vulnerability exists in OneNav version v0.9.35-20240318, which stems from a Server Request Forgery SSRF vulnerability in component/index.php...

PT-2024-25503 · Onenav · Onenav

Name of the Vulnerable Software and Affected Versions: OneNav version 0.9.35-20240318 Description: The issue is related to a Server-Side Request Forgery SSRF in the component "/index.php?c=api&method=get link info". This allows for potential unauthorized access to internal resources...

CVE-2024-33832

OneNav v0.9.35-20240318 is vulnerable to Server-Side Request Forgery (SSRF) via the url parameter in the get_link_info API (index.php?c=api&method=get_link_info). An attacker can force the server to make arbitrary requests, potentially accessing internal resources. The connected Nuclei template c...

Ruijie Networks RG-EG350 操作系统命令注入漏洞

Ruijie Networks RG-EG350 is a multi-service integrated gateway product from China's Ruijie Networks that solves the current egress challenges of small and medium-sized networks. An OS command injection vulnerability exists in Ruijie Networks RG-EG350 20240318 and earlier versions, which originate...

CVE-2024-2621

The vulnerability CVE-2024-2621 affects Fujian Kelixin Communication Command and Dispatch Platform (versions up to 20240318). The issue concerns an SQL injection in the file api/client/user/pwd_update.php, triggered by manipulating the uuid argument. Exploitation may be possible remotely and publ...

Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability

Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform of Fujian Kelixin Company. Fujian Kelixin Command and Dispatch Platform version 20240318 and earlier versions have a SQL injection vulnerability that originates from an unknown function in /api/client/editemedia.php,...

Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability

Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform from Fujian Kelixin Company. A SQL injection vulnerability exists in Fujian Kelixin Command and Dispatch Platform version 20240318 and earlier versions, which originates from an unknown function in...

PT-2024-21309 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform

Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 Description: A critical issue has been found, affecting an unknown part of the file /api/client/editemedia.php. The manipulation of the enterprise uuid argument leads t...

PT-2024-21307 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform

Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform versions up to 20240318 Description: A critical issue has been found in the Fujian Kelixin Communication Command and Dispatch Platform, affecting an unknown functionality of the file...