16 matches found
CVE-2021-24219
creationtimestamp| type| source ---|---|--- 2025-09-24 05:15:10+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-24219.yaml 2025-09-28 21:02:27+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lzwfez6mib23...
CVE-2020-24219
creationtimestamp| type| source ---|---|--- 2025-02-21 12:27:07+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1948 2026-02-05 21:02:48+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3me5bzexsig2c...
CVE-2023-24219
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml...
CVE-2023-24219
LuckyframeWEB v3.5 was discovered to contain a SQL injection vulnerability via the dataScope parameter at /system/UserMapper.xml...
CVE-2023-24219
CVE-2023-24219 affects LuckyframeWEB v3.5. The vulnerability is a SQL injection in the dataScope parameter of /system/UserMapper.xml. The root cause, as described in the sources, is improper handling/use of user-supplied data in dataScope, leading to high-severity impact (CVE metrics show Confide...
CVE-2022-24219
creationtimestamp| type| source ---|---|--- 2022-02-01 22:26:51+00:00| seen| https://t.me/cibsecurity/36662...
CVE-2022-24219
CVE-2022-24219 affects eliteCMS v1.0, with a SQL injection in the /admin/edit_page.php path. The root cause is unsanitized or improperly validated SQL statements in the edit_page.php component, enabling an attacker to manipulate queries and potentially access or modify data. Public documents cons...
CVE-2021-24219
The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin...
CVE-2021-24219 All Thrive Themes and Plugins - Unauthenticated Option Update
The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin...
CVE-2021-24219
The CVE-2021-24219 entry concerns a REST API endpoint in Thrive Themes plugins/themes (e.g., Thrive Optimize and related plugins, and several Thrive Themes themes) that was intended to require an API key for access but could be reached with an empty api_key parameter when Zapier was not enabled. ...
VulnCheck KEV: CVE-2021-24219
The Thrive Optimize WordPress plugin before 1.4.13.3, Thrive Comments WordPress plugin before 1.4.15.3, Thrive Headline Optimizer WordPress plugin before 1.3.7.3, Thrive Leads WordPress plugin before 2.3.9.4, Thrive Ultimatum WordPress plugin before 2.3.9.4, Thrive Quiz Builder WordPress plugin...
Arbitrary Command Injection Over HTTP Traffic (CVE-2020-19165; CVE-2020-24219; CVE-2020-28477; CVE-2021-26747; CVE-2021-27328)
Arbitrary Command Injection Over HTTP Traffic...
HiSilicon Video Encoder 1.97 File Disclosure / Path Traversal
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated file disclosure via path traversal Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: https://www.szuray.com/ Software Link: N/A Version: up to 1.97 Tested on: Linux CVE: CVE-2020-24219 Vendors: URayTech...
HiSilicon Video Encoders - Unauthenticated file disclosure via path traversal
!/usr/bin/env bash Exploit Title: HiSilicon video encoders - unauthenticated file disclosure via path traversal Date: 2020-09-20 Exploit Author: Alexei Kojenov Vendor Homepage: https://www.szuray.com/ Software Link: N/A Version: up to 1.97 Tested on: Linux CVE: CVE-2020-24219 Vendors: URayTech...
CVE-2020-24219
CVE-2020-24219 affects URayTech IPTV/H.264/H.265 video encoders (up to v1.97). The vulnerability is a path traversal/pattern-matching flaw in unauthenticated HTTP handling that allows an attacker to read files from the device, including the configuration file containing the cleartext admin passwo...
IPTV encoder devices contain multiple vulnerabilities
Overview Multiple vulnerabilities exist in various Video Over IP Internet Protocol encoder devices, also known as IPTV/H.264/H.265 video encoders. These vulnerabilities allow an unauthenticated remote attacker to execute arbitrary code and perform other unauthorized actions on a vulnerable system...