10 matches found
CVE-2024-33832
OneNav v0.9.35-20240318 was discovered to contain a Server-Side Request Forgery SSRF via the component /index.php?c=api&method=getlinkinfo...
PT-2024-25503 · Onenav · Onenav
Name of the Vulnerable Software and Affected Versions: OneNav version 0.9.35-20240318 Description: The issue is related to a Server-Side Request Forgery SSRF in the component "/index.php?c=api&method=get link info". This allows for potential unauthorized access to internal resources...
OneNav 安全漏洞
OneNav is a minimalist navigation/bookmark management system developed using PHP. A security vulnerability exists in OneNav version v0.9.35-20240318, which stems from a Server Request Forgery SSRF vulnerability in component/index.php...
CVE-2024-33832
OneNav v0.9.35-20240318 is vulnerable to Server-Side Request Forgery (SSRF) via the url parameter in the get_link_info API (index.php?c=api&method=get_link_info). An attacker can force the server to make arbitrary requests, potentially accessing internal resources. The connected Nuclei template c...
Ruijie Networks RG-EG350 操作系统命令注入漏洞
Ruijie Networks RG-EG350 is a multi-service integrated gateway product from China's Ruijie Networks that solves the current egress challenges of small and medium-sized networks. An OS command injection vulnerability exists in Ruijie Networks RG-EG350 20240318 and earlier versions, which originate...
CVE-2024-2621
The vulnerability CVE-2024-2621 affects Fujian Kelixin Communication Command and Dispatch Platform (versions up to 20240318). The issue concerns an SQL injection in the file api/client/user/pwd_update.php, triggered by manipulating the uuid argument. Exploitation may be possible remotely and publ...
Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability
Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform from Fujian Kelixin Company. A SQL injection vulnerability exists in Fujian Kelixin Command and Dispatch Platform version 20240318 and earlier versions, which originates from an unknown function in...
Fujian Kelixin Command and Dispatch Platform SQL Injection Vulnerability
Fujian Kelixin Command and Dispatch Platform is a command and dispatch platform of Fujian Kelixin Company. Fujian Kelixin Command and Dispatch Platform version 20240318 and earlier versions have a SQL injection vulnerability that originates from an unknown function in /api/client/editemedia.php,...
PT-2024-21309 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform
Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 Description: A critical issue has been found, affecting an unknown part of the file /api/client/editemedia.php. The manipulation of the enterprise uuid argument leads t...
PT-2024-21307 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform
Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform versions up to 20240318 Description: A critical issue has been found in the Fujian Kelixin Communication Command and Dispatch Platform, affecting an unknown functionality of the file...