CVE-2025-34024

An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and prior via the mp.asp form handler. The /goform/mp endpoint improperly handles user-supplied input to the command parameter. An authenticated attacker can inject shell commands using shell metacharacter...

CVE-2025-34024 Edimax EW-7438RPn Mini OS Command Injection via mp.asp

An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and prior via the mp.asp form handler. The /goform/mp endpoint improperly handles user-supplied input to the command parameter. An authenticated attacker can inject shell commands using shell metacharacter...

CVE-2022-34024

Barangay Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the resident module editing function at /bmis/pages/resident/resident.php...

JVN#65171386: Multiple vulnerabilities in ID Link Manager and FUJITSU Software TIME CREATOR

ID Link Manager and FUJITSU Software TIME CREATOR provided by Fsas Technologies Inc. contain multiple vulnerabilities listed below. Path Traversal CWE-36 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N Base Score 8.6 CVE-2024-33620 Missing Authentication CWE-306...

CVE-2023-34024

Cross-Site Request Forgery CSRF vulnerability in Guillemant David WP Full Auto Tags Manager plugin = 2.2 versions...

CVE-2023-34024

A vulnerability in northswitch WP Full Auto Tags Manager wp-full-auto-tags-manager.This issue affects WP Full Auto Tags Manager: from n/a through = 2.2...

CVE-2023-34024

CVE-2023-34024 concerns the WordPress plugin Guillemant David WP Full Auto Tags Manager, affected versions 2.2 if feasible, and monitor for a vendor patch or official mitigation. No exploitation details are provided in the documents.

WordPress WP Full Auto Tags Manager Plugin <= 2.2 is vulnerable to Cross Site Request Forgery (CSRF)

Software WP Full Auto Tags Manager Type Plugin Vulnerable versions = 2.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-34024 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID e806b57e2695 Credits Elliot Requir...

CVE-2022-34024

creationtimestamp| type| source ---|---|--- 2022-07-19 22:40:48+00:00| seen| https://t.me/cibsecurity/46574...

CVE-2022-34024

CVE-2022-34024 affects Barangay Management System v1.0. The issue is an arbitrary file upload vulnerability in the resident module editing function at /bmis/pages/resident/resident.php, enabling an attacker to upload files that could lead to remote code execution. The NVD metric set cites CVSS v3...