CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2024/05/05 6:31 a.m.•15 views

CVE-2024-4497 Tenda i21 formexeCommand stack-based overflow

A vulnerability was found in Tenda i21 1.0.0.144656. It has been declared as critical. This vulnerability affects the function formexeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to th...

9CVSS6.9AI score0.00206EPSS

VulnCheck KEV•added 2024/05/05 12:0 a.m.•1 views

VulnCheck KEV: CVE-2023-3608

A vulnerability was found in Ruijie BCR810W 2.5.10. It has been rated as critical. This issue affects some unknown processing of the component Tracert Page. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may...

8.8CVSS5.7AI score0.00757EPSS

Exploits1References1

OSV•added 2024/04/27 4:15 p.m.•2 views

CVE-2024-4257

A vulnerability was found in BlueNet Technology Clinical Browsing System 1.2.1. It has been classified as critical. This affects an unknown part of the file /xds/deleteStudy.php. The manipulation of the argument documentUniqueId leads to sql injection. It is possible to initiate the attack...

6.5CVSS5.7AI score0.9213EPSS

OSV•added 2024/04/27 12:15 p.m.•2 views

CVE-2024-4250

A vulnerability was found in Tenda i21 1.0.0.144656. It has been declared as critical. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. The attack can be launched remotel...

8.8CVSS6.5AI score0.00147EPSS

OSV•added 2024/04/25 11:15 a.m.•1 views

CVE-2024-4164

A vulnerability, which was classified as critical, has been found in Tenda G3 15.11.0.179502. This issue affects the function formModifyPppAuthWhiteMac of the file /goform/ModifyPppAuthWhiteMac. The manipulation of the argument pppoeServerWhiteMacIndex leads to stack-based buffer overflow. The...

9.8CVSS6.4AI score

CVE•added 2024/04/25 10:31 a.m.•49 views

CVE-2024-4164

CVE-2024-4164 affects Tenda G3, specifically the function /goform/ModifyPppAuthWhiteMac::formModifyPppAuthWhiteMac. The parameter pppoeServerWhiteMacIndex can cause a stack-based buffer overflow, enabling a remote attacker to execute arbitrary code on version 15.11.0.17(9502). Publicly disclosed ...

9.8CVSS6.9AI score0.00266EPSS

Exploits0References4Affected Software1

OSV•added 2024/04/24 7:15 p.m.•1 views

CVE-2024-4125

A vulnerability has been found in Tenda W15E 15.11.0.14 and classified as critical. This vulnerability affects the function formSetStaticRoute of the file /goform/setStaticRoute. The manipulation of the argument staticRouteIndex leads to stack-based buffer overflow. The attack can be initiated...

8.8CVSS6.3AI score

OSV•added 2024/04/24 5:15 p.m.•2 views

CVE-2024-4119

A vulnerability was found in Tenda W15E 15.11.0.14. It has been declared as critical. This vulnerability affects the function formIPMacBindDel of the file /goform/delIpMacBind. The manipulation of the argument IPMacBindIndex leads to stack-based buffer overflow. The attack can be initiated...

8.8CVSS6.4AI score0.00148EPSS

OSV•added 2024/04/23 11:15 p.m.•1 views

CVE-2024-4072

A vulnerability was found in Kashipara Online Furniture Shopping Ecommerce Website 1.0. It has been classified as problematic. Affected is an unknown function of the file search.php. The manipulation of the argument txtSearch leads to cross site scripting. It is possible to launch the attack...

5.4CVSS3.7AI score

NVD•added 2024/04/23 8:15 p.m.•10 views

CVE-2024-4065

A vulnerability was found in Tenda AC8 16.03.34.09. It has been rated as critical. This issue affects the function formSetRebootTimer of the file /goform/SetRebootTimer. The manipulation of the argument rebootTime leads to stack-based buffer overflow. The attack may be initiated remotely. The...

9CVSS8.9AI score0.00478EPSS

OSV•added 2024/04/17 11:15 a.m.•1 views

CVE-2024-3907

A vulnerability was found in Tenda AC500 2.0.1.91307. It has been rated as critical. This issue affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

9.8CVSS6.3AI score0.0036EPSS

Vulnrichment•added 2024/04/16 6:0 p.m.•10 views

CVE-2024-3875 Tenda F1202 Natlimit fromNatlimit stack-based overflow

A vulnerability was found in Tenda F1202 1.2.0.20408. It has been rated as critical. This issue affects the function fromNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

9CVSS6.9AI score0.00464EPSS

CVE•added 2024/04/11 2:31 a.m.•54 views

CVE-2024-3618

CVE-2024-3618 affects SourceCodester Kortex Lite Advocate Office Management System 1.0. The vulnerability is in an unknown function of the file /control/activate_case.php where manipulation of the argument id leads to SQL injection . It can be exploited remotely, and the exploit has been disclose...

7.2CVSS7.3AI score0.00171EPSS

CVE•added 2024/04/11 1:31 a.m.•57 views

CVE-2024-3616

The CVE-2024-3616 entry concerns SourceCodester Warehouse Management System v1.0, with a cross-site scripting vulnerability in the file pengguna.php. The vulnerability arises from manipulating the arguments admin_user, admin_nama, admin_alamat, and admin_telepon, allowing remote exploitation. Mul...

5.4CVSS6.3AI score0.00167EPSS

CVE•added 2024/04/11 12:31 a.m.•51 views

CVE-2024-3614

SourceCodester Warehouse Management System 1.0 contains an XSS vulnerability in customer.php, triggered by manipulating the parameters nama_customer, alamat_customer, or notelp_customer. This remote vulnerability affects an unknown portion of the file and has been publicly disclosed; exploitation...

5.4CVSS6.2AI score0.00167EPSS

OSV•added 2024/04/10 6:15 a.m.•2 views

CVE-2024-3541

A vulnerability classified as problematic has been found in Campcodes Church Management System 1.0. This affects an unknown part of the file /admin/adminuser.php. The manipulation of the argument firstname leads to cross site scripting. It is possible to initiate the attack remotely. The exploit...

6.1CVSS3.9AI score0.00386EPSS

NVD•added 2024/04/10 5:15 a.m.•12 views

CVE-2024-3540

A vulnerability was found in Campcodes Church Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/addsundaysch.php. The manipulation of the argument Gender leads to sql injection. The attack may be launched remotely. The...

8.8CVSS6.8AI score0.00221EPSS

CVE•added 2024/04/10 5:0 a.m.•53 views

CVE-2024-3540

CVE-2024-3540 affects Campcodes Church Management System 1.0. Affected component: /admin/add_sundaysch.php where the Gender parameter can be manipulated to trigger SQL injection. Root cause: unsanitized input in a server-side query, enabling remote exploitation. Publicly disclosed exploit exists....

8.8CVSS7.3AI score0.00221EPSS

OSV•added 2024/04/10 3:15 a.m.•2 views

CVE-2024-3535

A vulnerability, which was classified as critical, was found in Campcodes Church Management System 1.0. This affects an unknown part of the file /admin/index.php. The manipulation of the argument password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

9.8CVSS5.7AI score0.00126EPSS