1998 matches found
Ghost unauthorized newsletter modification vulnerability
Talos Vulnerability Report TALOS-2022-1624: Ghost unauthorized newsletter modification vulnerability. December 21, 2022. CVE Number: CVE-2022-41654. Summary: An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted...
PT-2022-27894 · Tenda · Tenda F1203
Name of the Vulnerable Software and Affected Versions: Tenda F1203 version 2.0.1.6 Description: A buffer overflow issue was discovered via the entrys parameter at the "/goform/addressNat" API endpoint. Recommendations: For Tenda F1203 version 2.0.1.6, consider restricting access to the...
PT-2022-27897 · Tenda · Tenda F1203
Name of the Vulnerable Software and Affected Versions: Tenda F1203 version 2.0.1.6 Description: A buffer overflow issue was discovered via the mitInterface parameter at the "/goform/addressNat" API endpoint. Recommendations: For Tenda F1203 version 2.0.1.6, as a temporary workaround, consider...
PT-2022-27899 · Tenda · Tenda F1203
Name of the Vulnerable Software and Affected Versions: Tenda F1203 version 2.0.1.6 Description: A buffer overflow issue was discovered via the page parameter at the "/goform/NatStaticSetting" API endpoint. Recommendations: For Tenda F1203 version 2.0.1.6, consider restricting access to the...
PT-2022-27888 · Tenda · Tenda F1203
Name of the Vulnerable Software and Affected Versions: Tenda F1203 version 2.0.1.6 Description: A buffer overflow issue was discovered via the speed dir parameter at the "/goform/SetSpeedWan" API endpoint. Recommendations: For Tenda F1203 version 2.0.1.6, as a temporary workaround, consider...
PT-2022-27903 · Tenda · Tenda F1203
Name of the Vulnerable Software and Affected Versions: Tenda F1203 version 2.0.1.6 Description: A buffer overflow issue was discovered via the deviceId parameter at the "/goform/saveParentControlInfo" API endpoint. This issue allows for potential exploitation. Recommendations: For Tenda F1203...
PT-2022-24424 · Unknown · Logrocket-Oauth2-Example
Name of the Vulnerable Software and Affected Versions: logrocket-oauth2-example versions prior to 2020-05-27 Description: The issue allows SQL injection via the /auth/register API endpoint, specifically through the username parameter. Recommendations: For versions prior to 2020-05-27, as a...
PT-2022-27748 · Unknown · Helmet Store Showroom Site
Name of the Vulnerable Software and Affected Versions: Helmet Store Showroom Site version 1.0 Description: The issue is related to SQL Injection. It can be exploited via the "/hss/admin/categories/view category.php?id=" API endpoint, specifically through the id variable. Recommendations: For Helm...
PT-2022-27743 · Unknown · Helmet Store Showroom Site
Name of the Vulnerable Software and Affected Versions: Helmet Store Showroom Site version 1.0 Description: The issue is related to SQL Injection. It can be exploited via the "/hss/?page=product per brand&bid=" API endpoint. The bid variable is vulnerable to SQL Injection attacks. Recommendations:...
PT-2022-27454 · Unknown · Dynamic Transaction Queuing System
Name of the Vulnerable Software and Affected Versions: Dynamic Transaction Queuing System version 1.0 Description: The issue is related to an arbitrary file upload vulnerability in the "/queuing/admin/ajax.php?action=save settings" API endpoint. This vulnerability allows attackers to execute...
PT-2022-27545 · Tenda · Tenda W6-S
Name of the Vulnerable Software and Affected Versions: Tenda W6-S version 1.0.0.4510 Description: A stack overflow issue was discovered, which can be triggered via the linkEn parameter at the "/goform/setAutoPing" API endpoint. Recommendations: For Tenda W6-S version 1.0.0.4510, avoid using the...
PT-2022-27564 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the page parameter at the "/goform/SafeClientFilter" API endpoint. Recommendations: For Tenda W30E version 1.0.1.25633, avoid using the page parameter in th...
PT-2022-27558 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered, which can be triggered via the page parameter at the "/goform/NatStaticSetting" API endpoint. Recommendations: For Tenda W30E version 1.0.1.25633, consider...
PT-2022-27566 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the opttype parameter at the "/goform/IPSECsave" API endpoint. Recommendations: For Tenda W30E version 1.0.1.25633, as a temporary workaround, consider...
PT-2022-27550 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the new account parameter at the "/goform/editUserName" API endpoint. This issue affects the specified version of the Tenda W30E device. Recommendations: Fo...
PT-2022-27554 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the page parameter at the "/goform/SafeEmailFilter" API endpoint. This issue affects the Tenda W30E router. Recommendations: For Tenda W30E version...
PT-2022-27549 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the editNameMit parameter at the "/goform/editFileName" API endpoint. Recommendations: For Tenda W30E version 1.0.1.25633, as a temporary workaround, consid...
PT-2022-27565 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the page parameter at the "/goform/L7Im" API endpoint. Recommendations: For Tenda W30E version 1.0.1.25633, as a temporary workaround, consider restricting...
PT-2022-27559 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the page parameter at the "/goform/VirtualSer" API endpoint. Recommendations: For Tenda W30E version 1.0.1.25633, consider disabling access to the...
PT-2022-27547 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0.1.25633 Description: A stack overflow issue was discovered via the cmdinput parameter at the "/goform/exeCommand" API endpoint. Recommendations: For Tenda W30E version 1.0.1.25633, consider restricting access to the...