CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2024/01/18 11:15 p.m.•17 views

Cross site scripting

A vulnerability, which was classified as problematic, was found in AtroCore AtroPIM 1.8.4. This affects an unknown part of the file /ProductSerie/view/ of the component Product Series Overview. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The...

4CVSS6.3AI score0.0007EPSS

Prion•added 2024/01/18 11:15 p.m.•19 views

Design/Logic Flaw

A vulnerability, which was classified as problematic, has been found in EFS Easy Chat Server 3.1. Affected by this issue is some unknown functionality of the component HTTP GET Request Handler. The manipulation of the argument USERNAME leads to denial of service. The attack may be launched...

4CVSS7AI score0.0005EPSS

Exploits1References5Affected Software1

Prion•added 2024/01/18 1:15 a.m.•19 views

Design/Logic Flaw

A vulnerability was found in Karjasoft Sami HTTP Server 2.0. It has been classified as problematic. Affected is an unknown function of the component HTTP HEAD Rrequest Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclose...

5CVSS7AI score0.00055EPSS

NVD•added 2024/01/17 11:15 p.m.•8 views

CVE-2024-0648

A vulnerability has been found in Yunyou CMS up to 2.2.6 and classified as critical. This vulnerability affects unknown code of the file /app/index/controller/Common.php. The manipulation of the argument templateFile leads to unrestricted upload. The attack can be initiated remotely. The exploit...

9.8CVSS8AI score0.00077EPSS

Prion•added 2024/01/16 3:15 p.m.•20 views

Stack overflow

A vulnerability was found in Totolink LR1200GB 9.1.0u.6619B20230130 and classified as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sTime leads to stack-based buffer overflow. The attack may be launched remotel...

9CVSS7.2AI score0.00433EPSS

Prion•added 2024/01/15 6:15 a.m.•18 views

Open redirect

A vulnerability classified as problematic was found in CodeCanyon RISE Rise Ultimate Project Manager 3.5.3. This vulnerability affects unknown code of the file /index.php/signin. The manipulation of the argument redirect with the input http://evil.com leads to open redirect. The attack can be...

5CVSS7.3AI score0.00052EPSS

Exploits0References2Affected Software1

Prion•added 2024/01/15 6:15 a.m.•14 views

Sql injection

A vulnerability classified as critical has been found in CodeAstro Real Estate Management System up to 1.0. This affects an unknown part of the file propertydetail.php. The manipulation of the argument pid leads to sql injection. It is possible to initiate the attack remotely. The exploit has bee...

6.5CVSS7.7AI score0.00039EPSS

NVD•added 2024/01/15 5:15 a.m.•12 views

CVE-2024-0540

A vulnerability was found in Tenda W9 1.0.0.74456. It has been classified as critical. Affected is the function formOfflineSet of the component httpd. The manipulation of the argument ssidIndex leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has bee...

9.8CVSS7.3AI score0.00102EPSS

Prion•added 2024/01/15 5:15 a.m.•26 views

Stack overflow

6.5CVSS7.2AI score0.00102EPSS

Cvelist•added 2024/01/15 4:31 a.m.•17 views

CVE-2024-0540 Tenda W9 httpd formOfflineSet stack-based overflow

6.5CVSS9.8AI score0.00102EPSS

Prion•added 2024/01/15 3:15 a.m.•19 views

Stack overflow

A vulnerability was found in Tenda A15 15.13.07.13. It has been rated as critical. This issue affects some unknown processing of the file /goform/SetOnlineDevName of the component Web-based Management Interface. The manipulation of the argument devName leads to stack-based buffer overflow. The...

8.3CVSS7.2AI score0.00134EPSS

Prion•added 2024/01/14 11:15 p.m.•14 views

Sql injection

A vulnerability was found in CmsEasy up to 7.7.7. It has been declared as critical. Affected by this vulnerability is the function getslidechildaction in the library lib/admin/languageadmin.php. The manipulation of the argument sid leads to sql injection. The attack can be launched remotely. The...

6.5CVSS7.5AI score0.00045EPSS

NVD•added 2024/01/13 10:15 p.m.•6 views

CVE-2024-0510

A vulnerability, which was classified as critical, has been found in HaoKeKeJi YiQiNiu up to 3.1. Affected by this issue is the function httppost of the file /application/pay/controller/Api.php. The manipulation of the argument url leads to server-side request forgery. The attack may be launched...

9.8CVSS7.8AI score0.00152EPSS

Exploits1References4

Prion•added 2024/01/13 6:15 p.m.•18 views

Sql injection

A vulnerability was found in Campcodes Student Information System 1.0. It has been classified as critical. Affected is an unknown function of the file /classes/Users.php?f=save. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The...

6.5CVSS7.7AI score0.00052EPSS

Prion•added 2024/01/13 5:15 p.m.•10 views

Sql injection

A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file partysubmit.php of the component HTTP POST Request Handler. The manipulation of the argument partyname leads to sql injection. The attack can be initiat...

6.5CVSS7.9AI score0.00053EPSS

Prion•added 2024/01/13 4:15 p.m.•15 views

Sql injection

A vulnerability, which was classified as critical, was found in Kashipara Billing Software 1.0. This affects an unknown part of the file materialbill.php of the component HTTP POST Request Handler. The manipulation of the argument itemtypeid leads to sql injection. It is possible to initiate the...

6.5CVSS7.7AI score0.00053EPSS

Cvelist•added 2024/01/13 9:31 a.m.•19 views

CVE-2024-0482 Taokeyun HTTP POST Request Video.php index sql injection

A vulnerability classified as critical has been found in Taokeyun up to 1.0.5. This affects the function index of the file application/index/controller/app/Video.php of the component HTTP POST Request Handler. The manipulation of the argument cid leads to sql injection. It is possible to initiate...

6.5CVSS10AI score0.00052EPSS

Prion•added 2024/01/12 8:15 p.m.•14 views

Path traversal

A vulnerability, which was classified as problematic, was found in Acritum Femitter Server 1.04. Affected is an unknown function. The manipulation leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250446 is the...

5CVSS7.2AI score0.00175EPSS

Prion•added 2024/01/12 8:15 p.m.•15 views

Cross site scripting

A vulnerability, which was classified as problematic, was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file editpositionquery.php. The manipulation of the argument posname leads to cross site scripting. It is possible to launch the attack...

4CVSS6.5AI score0.00058EPSS