Lucene search
K

10 matches found

NVD
NVD
added 2024/04/30 6:15 p.m.11 views

CVE-2024-33832

OneNav v0.9.35-20240318 was discovered to contain a Server-Side Request Forgery SSRF via the component /index.php?c=api&method=getlinkinfo...

6.3CVSS7AI score0.0072EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/30 12:0 a.m.3 views

PT-2024-25503 · Onenav · Onenav

Name of the Vulnerable Software and Affected Versions: OneNav version 0.9.35-20240318 Description: The issue is related to a Server-Side Request Forgery SSRF in the component "/index.php?c=api&method=get link info". This allows for potential unauthorized access to internal resources...

6.3CVSS6.1AI score0.0072EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/04/30 12:0 a.m.2 views

OneNav 安全漏洞

OneNav is a minimalist navigation/bookmark management system developed using PHP. A security vulnerability exists in OneNav version v0.9.35-20240318, which stems from a Server Request Forgery SSRF vulnerability in component/index.php...

6.3CVSS6.9AI score0.0072EPSS
Exploits0References2
CVE
CVE
added 2024/04/30 12:0 a.m.99 views

CVE-2024-33832

OneNav v0.9.35-20240318 is vulnerable to Server-Side Request Forgery (SSRF) via the url parameter in the get_link_info API (index.php?c=api&method=get_link_info). An attacker can force the server to make arbitrary requests, potentially accessing internal resources. The connected Nuclei template c...

6.3CVSS7.3AI score0.0072EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/03/26 12:0 a.m.5 views

Ruijie Networks RG-EG350 操作系统命令注入漏洞

Ruijie Networks RG-EG350 is a multi-service integrated gateway product from China's Ruijie Networks that solves the current egress challenges of small and medium-sized networks. An OS command injection vulnerability exists in Ruijie Networks RG-EG350 20240318 and earlier versions, which originate...

8.8CVSS6.8AI score0.03747EPSS
Exploits0References5
CVE
CVE
added 2024/03/19 1:0 a.m.128 views

CVE-2024-2621

The vulnerability CVE-2024-2621 affects Fujian Kelixin Communication Command and Dispatch Platform (versions up to 20240318). The issue concerns an SQL injection in the file api/client/user/pwd_update.php, triggered by manipulating the uuid argument. Exploitation may be possible remotely and publ...

9.8CVSS6.8AI score0.0194EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.4 views

Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability

Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform from Fujian Kelixin Company. A SQL injection vulnerability exists in Fujian Kelixin Command and Dispatch Platform version 20240318 and earlier versions, which originates from an unknown function in...

9.8CVSS8.1AI score0.0194EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/03/19 12:0 a.m.3 views

Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability

Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform of Fujian Kelixin Company. Fujian Kelixin Command and Dispatch Platform version 20240318 and earlier versions have a SQL injection vulnerability that originates from an unknown function in /api/client/editemedia.php,...

9.8CVSS8.2AI score0.00549EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.4 views

PT-2024-21309 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform

Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 Description: A critical issue has been found, affecting an unknown part of the file /api/client/editemedia.php. The manipulation of the enterprise uuid argument leads t...

9.8CVSS7.2AI score0.00549EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.4 views

PT-2024-21307 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform

Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform versions up to 20240318 Description: A critical issue has been found in the Fujian Kelixin Communication Command and Dispatch Platform, affecting an unknown functionality of the file...

9.8CVSS7AI score0.00558EPSS
Exploits0References6
Rows per page
Query Builder