18 matches found
CVE-2022-22724
A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 HTTP and 502 Modbus, when sending a large number of TCP RST or FIN packets to any open TCP port of the PLC. Affected Product: Modicon M340 CPUs: BMXP34 All Versions...
CVE-2025-22724
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MojofyWP Product Carousel For WooCommerce – WoorouSell allows Stored XSS. This issue affects Product Carousel For WooCommerce – WoorouSell: from n/a through 1.1.0...
CVE-2025-22724 WordPress Product Carousel For WooCommerce – WoorouSell plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MojofyWP Product Carousel For WooCommerce – WoorouSell allows Stored XSS. This issue affects Product Carousel For WooCommerce – WoorouSell: from n/a through 1.1.0...
CVE-2025-22724
CVE-2025-22724 is a Stored XSS in MojofyWP Product Carousel For WooCommerce – WoorouSell affecting versions up to 1.1.0. The CVSSv3.1 metric indicates 6.5 base score (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L). Public sources (Red Hat and Wordfence) corroborate the vulnerability and note that a fix has...
CVE-2024-5505 NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability
NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this...
CVE-2024-5505
CVE-2024-5505 concerns the NETGEAR ProSAFE Network Management System, where the UpLoadServlet contains a directory traversal flaw that lacks proper validation of a user-supplied path in file operations. This leads to remote code execution with SYSTEM privileges. Exploitation is described as requi...
CVE-2024-5505 NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability
NETGEAR ProSAFE Network Management System UpLoadServlet Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR ProSAFE Network Management System. Authentication is required to exploit this...
CVE-2024-22724
OSCommerce v4 is affected by CVE-2024-22724. The issue allows local attackers to bypass file upload restrictions in the administrator profile photo upload feature and execute arbitrary code. Documents consistently describe a local, credentialed path to code execution via file upload, but do not p...
Schneider Electric Modicon Uncontrolled Resource Consumption (CVE-2022-22724)
A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 HTTP and 502 Modbus, when sending a large number of TCP RST or FIN packets to any open TCP port of the PLC. Affected Product: Modicon M340 CPUs: BMXP34 All Versions. This plugin only...
CVE-2022-22724
creationtimestamp | type | source
---|---|---
2022-02-05 02:45:35+00:00 | seen | https://t.me/cibsecurity/36913...
CVE-2022-22724
A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 HTTP and 502 Modbus, when sending a large number of TCP RST or FIN packets to any open TCP port of the PLC. Affected Product: Modicon M340 CPUs: BMXP34 All Versions...
CVE-2022-22724
CVE-2022-22724 affects Schneider Electric Modicon M340 BMXP34 controllers (all versions). The root cause is CWE-400 Uncontrolled Resource Consumption, enabling a denial of service by flooding TCP ports 80 (HTTP) and 502 (Modbus) with a large number of RST/FIN packets to any open TCP port. Documen...
CVE-2021-22724
A CWE-352 Cross-Site Request Forgery (CSRF) vulnerability exists that could allow an attacker to impersonate the user or carry out actions on their behalf when crafted malicious parameters are submitted in POST requests sent to the charging station web server. Affected Products: EVlink City EVC1S22...
CVE-2021-22724
Schneider Electric EVlink CSRF vulnerability (CVE-2021-22724) affects EVlink City EVC1S22P4/EVC1S7P4, EVlink Parking EVW2/EVF2/EVP2PE, and EVlink Smart Wallbox EVB1A, all versions prior to R8 V3.4.0.2. A Cross-Site Request Forgery exists in the charging-station web server that can allow an attack...
Mercury Router Command Injection (CVE-2020-22724)
A command injection vulnerability exists in Mercury Router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2020-22724
A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1...
CVE-2020-22724
Mercury Router MER1200 v1.0.1 and MER1200G v1.0.1 expose a remote command execution via the PPTP_SERVER add_server_service component. Multiple sources (NVD/NVD-derived entries, CNNVD, PT Security) describe a command-injection flaw in add_server_service of PPTP_SERVER that allows arbitrary command...
heymanga.me XSS vulnerability
Vulnerable URL: https://www.heymanga.me///search.php?name=
Details:
Description | Value
---|---
Patched: | Yes, at 28.11.2017
Latest check for patch: | 28.11.2017 10:47 GMT
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 22724
VIP website status: | Yes
Coordinated...