520 matches found
PT-2022-11663 · Unknown · Simplerisk
Name of the Vulnerable Software and Affected Versions: SimpleRisk versions prior to 20220306-001 Description: A vulnerability has been found in SimpleRisk, classified as problematic. It affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argumen...
PT-2022-27719 · WordPress · Wp-English-Wp-Admin
Name of the Vulnerable Software and Affected Versions: wp-english-wp-admin Plugin versions prior to 1.5.2 Description: A vulnerability was found in the wp-english-wp-admin Plugin, affecting the register_endpoints function of the file english-wp-admin.php. This issue leads to cross-site request...
PT-2022-27931 · Totolink · Totolink A7100Ru
Name of the Vulnerable Software and Affected Versions: TOTOlink A7100RU version 7.4cu.2313 B20191024 Description: A command injection issue was discovered via the wscDisabled parameter in the setting/setWiFiWpsCfg function. This allows for potential exploitation. Recommendations: For TOTOlink...
PT-2022-16655 · Unknown · Cycle-Import-Check
Name of the Vulnerable Software and Affected Versions: cycle-import-check versions prior to 1.3.2 Description: The issue is related to Command Injection via the writeFileToTmpDirAndOpenIt function due to improper user-input sanitization. This allows for potential exploitation. No information is...
PT-2022-27707 · Tenda · Tenda Ax12
Name of the Vulnerable Software and Affected Versions: Tenda AX12 version V22.03.01.21 CN Description: The issue is related to a command injection vulnerability. This vulnerability can be exploited via the /goform/setMacFilterCfg function. Recommendations: For Tenda AX12 version V22.03.01.21 CN, ...
PT-2022-26955 · Linzhaoguan · Linzhaoguan Pb-Cms
Name of the Vulnerable Software and Affected Versions: LinZhaoguan pb-cms version 2.0 Description: A vulnerability has been found in the function IpUtil.getIpAddr, which leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be use...
PT-2022-27541 · Tenda · Tenda W6-S
Name of the Vulnerable Software and Affected Versions: Tenda W6-S version 1.0.0.4510 Description: A command injection issue was found in the tpi_get_ping_output function at the "/goform/exeCommand" API endpoint. Recommendations: For Tenda W6-S version 1.0.0.4510, consider disabling the tpi_get_pi...
PT-2022-27604 · Tenda · Tenda Ac6V1.0
Name of the Vulnerable Software and Affected Versions: Tenda AC6V1.0 version 15.03.05.19 Description: A buffer overflow issue was discovered via the time parameter in the setSmartPowerManagement function. This issue can be exploited, potentially leading to unintended consequences. Recommendations...
PT-2022-27614 · Tenda · Tenda I22
Name of the Vulnerable Software and Affected Versions: Tenda i22 version 1.0.0.34687 Description: A buffer overflow issue was discovered via the appData parameter in the formSetAppFilterRule function. This issue allows for potential exploitation. No information is provided about the estimated...
PT-2022-27615 · Tenda · Tenda I22
Name of the Vulnerable Software and Affected Versions: Tenda i22 version 1.0.0.34687 Description: A buffer overflow issue was discovered via the formWx3AuthorizeSet function. Recommendations: For Tenda i22 version 1.0.0.34687, consider disabling the formWx3AuthorizeSet function until a patch is...
PT-2022-27605 · Tenda · Tenda I22
Name of the Vulnerable Software and Affected Versions: Tenda i22 version 1.0.0.34687 Description: A buffer overflow issue was discovered via the index parameter in the formWifiMacFilterSet function. This issue can be exploited, potentially leading to unintended consequences. Recommendations: For...
PT-2022-27343 · Unknown · Rukovoditel
Name of the Vulnerable Software and Affected Versions: Rukovoditel version 3.2.1 Description: The issue is related to a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at "/index.php?module=help_pages/pages&entities_id=24". This allows attackers to execute arbitrary...
PT-2022-27159 · Totolink · Totolink Lr350
Name of the Vulnerable Software and Affected Versions: TOTOLINK LR350 version 9.3.5u.6369 B20220309 Description: The issue is a post-authentication buffer overflow that occurs via the sPort/ePort parameter in the setIpPortFilterRules function. This allows for potential exploitation after...
PT-2022-27136 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.19 Description: The issue is related to a Buffer Overflow that can be triggered via the fromSetRouteStatic function. Recommendations: For Tenda AC18 version 15.03.05.19, consider disabling the fromSetRouteStatic...
PT-2022-27125 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 Description: The issue is related to a Buffer Overflow that can be triggered via the formSetIpMacBind function. This allows for potential exploitation. No information is provided about the estimated number of...
PT-2022-27132 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.19 Description: The issue is related to a Buffer Overflow that can be triggered via the form_fast_setting_wifi_set function. This can potentially allow for unauthorized access or code execution. Recommendations: Fo...
PT-2022-27140 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.19 Description: The issue is related to a Buffer Overflow that can be triggered via the formSetWifiGuestBasic function. This allows for potential exploitation. Recommendations: For Tenda AC18 version 15.03.05.19,...
PT-2022-27128 · Tenda · Tenda Ac21
Name of the Vulnerable Software and Affected Versions: Tenda AC21 version 16.03.08.15 Description: The issue is related to a Buffer Overflow that can be triggered via the formSetMacFilterCfg function. This can potentially allow for unauthorized access or code execution. Recommendations: For Tenda...
PT-2022-25457 · Unknown · Davidmoreno Onion
Name of the Vulnerable Software and Affected Versions: davidmoreno onion affected versions not specified Description: A problematic issue was found in the function onion_response_flush of the file src/onion/response.c of the component Log Handler. The manipulation leads to allocation of resources...
PT-2022-11592 · Unknown · Phpservermon
Name of the Vulnerable Software and Affected Versions: phpservermon affected versions not specified Description: A problematic issue was found in phpservermon, affecting the generatePasswordResetToken function of the file src/psm/Service/User.php. The manipulation leads to the use of a predictabl...