80 matches found
Campcodes Complete Web-Based School Management System 跨站脚本漏洞
Campcodes Complete Web-Based School Management System is a Web-based school management system from Campcodes, Inc. A cross-site scripting vulnerability exists in version 1.0 of the Campcodes Complete Web-Based School Management System, which stems from a cross-site scripting vulnerability in the...
Command injection
TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the desc parameter in the setWiFiAclRules function...
PT-2024-20366 · Totolink · Totolink A3300R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version 17.0.0cu.557 B20221024 Description: A command injection issue was discovered via the desc parameter in the setWiFiAclRules function. This allows for potential command injection attacks. Recommendations: For TOTOLINK...
TOTOLINK A3300R 安全漏洞
TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the desc parameter of the setWiFiAclRules method failing to correctly filter the construct command special...
CVE-2023-45121 Online Examination System v1.0 - Multiple Authenticated SQL Injections (SQLi)
Online Examination System v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'desc' parameter of the /update.php?q=addquiz resource does not validate the characters received and they are sent unfiltered to the database...
PT-2023-29815 · Unknown · Geeklog-Core
Name of the Vulnerable Software and Affected Versions: Geeklog-Core geeklog version 2.2.2 Description: A Cross Site Scripting XSS issue allows a remote attacker to execute arbitrary code via a crafted payload to the grp desc parameter of the "admin/group.php" component. This enables the attacker ...
PT-2023-12763 · Audiocodes · Audiocodes Device Manager Express
Name of the Vulnerable Software and Affected Versions: AudioCodes Device Manager Express versions through 7.8.20002.47752 Description: The issue is related to stored XSS via the desc parameter in the "ajaxTenants.php" endpoint. Recommendations: For AudioCodes Device Manager Express versions throu...
CVE-2022-32045
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN00413be4...
CVE-2022-32052
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN004137a4...
CVE-2022-32045
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN00413be4...
CVE-2022-32046
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN0041880c...
CVE-2022-32046
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN0041880c...
CVE-2022-32047
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN00412ef4...
Stack overflow
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN004137a4...
Stack overflow
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN00413be4...
Stack overflow
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN00412ef4...
Stack overflow
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN0041880c...
CVE-2022-32045
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN00413be4...
CVE-2022-32047
CVE-2022-32047 concerns a stack overflow in TOTOLINK T6 V4.1.9cu.5179_B20201015, triggered by the desc parameter in the function FUN_00412ef4 . The evidence consistently states that the vulnerability arises from not checking input length in this function, enabling a stack overflow that can lead t...
CVE-2022-32046
TOTOLINK T6 V4.1.9cu.5179B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN0041880c...