Lucene search

3632 matches found

OSV
added 2023/12/28 6:15 p.m. · 13 views

CVE-2023-7133

A vulnerability was found in yproject RuoYi 4.7.8. It has been declared as problematic. This vulnerability affects unknown code of the file /login of the component HTTP POST Request Handler. The manipulation of the argument rememberMe with the input falsen3f0malert1p86o0 leads to cross site...

6.1 CVSS · 6.4 AI score
Exploits 0 · References 3

Prion
added 2023/12/28 6:15 p.m. · 15 views

Cross site scripting

A vulnerability was found in yproject RuoYi 4.7.8. It has been declared as problematic. This vulnerability affects unknown code of the file /login of the component HTTP POST Request Handler. The manipulation of the argument rememberMe with the input falsen3f0malert1p86o0 leads to cross site...

5 CVSS · 6.6 AI score · 0.00679 EPSS
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2023/12/28 5:31 p.m. · 25 views

CVE-2023-7133 y_project RuoYi HTTP POST Request login cross site scripting

A vulnerability was found in yproject RuoYi 4.7.8. It has been declared as problematic. This vulnerability affects unknown code of the file /login of the component HTTP POST Request Handler. The manipulation of the argument rememberMe with the input falsen3f0malert1p86o0 leads to cross site...

5 CVSS · 6.2 AI score · 0.00679 EPSS
Exploits 1 · References 3

CVE
added 2023/12/28 5:31 p.m. · 49 views

CVE-2023-7133

CVE-2023-7133 affects y_project RuoYi 4.7.8. The vulnerability is a cross-site scripting flaw in the HTTP POST login handler, caused by manipulating the rememberMe parameter with input like falsen3f0mp86o0. An attacker can exploit it remotely; the exploit has been disclosed. Root cause centers on impro...

6.1 CVSS · 5.2 AI score · 0.00679 EPSS
Exploits 1 · References 3 · Affected Software 1

Positive Technologies
added 2023/12/28 12:0 a.m. · 4 views

PT-2023-32905 · Unknown · Gopeak Masterlab

Name of the Vulnerable Software and Affected Versions: gopeak MasterLab versions up to 3.3.10 Description: A critical vulnerability has been found in the HTTP POST Request Handler component of gopeak MasterLab. This issue affects the sqlInject function of the file app/ctrl/framework/Feature.php...

9.8 CVSS · 7 AI score · 0.00568 EPSS
Exploits 0 · References 8

Positive Technologies
added 2023/12/28 12:0 a.m. · 4 views

PT-2023-32906 · Unknown · Gopeak Masterlab

Name of the Vulnerable Software and Affected Versions: gopeak MasterLab versions up to 3.3.10 Description: A critical vulnerability was found in the HTTP POST Request Handler component of gopeak MasterLab. This issue affects the sqlInject function in the file app/ctrl/Framework.php. The...

9.8 CVSS · 7 AI score · 0.0065 EPSS
Exploits 0 · References 7

OSV
added 2023/12/27 4:15 p.m. · 15 views

CVE-2023-7116

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...

9.8 CVSS · 7.5 AI score
Exploits 0 · References 3

NVD
added 2023/12/27 4:15 p.m. · 13 views

CVE-2023-7116

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...

9.8 CVSS · 0.09901 EPSS
Exploits 1 · References 3

Prion
added 2023/12/27 4:15 p.m. · 14 views

Command injection

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...

6.5 CVSS · 7.8 AI score · 0.09901 EPSS
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2023/12/27 3:31 p.m. · 20 views

CVE-2023-7116 WeiYe-Jing datax-web HTTP POST Request killJob os command injection

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...

6.5 CVSS · 10 AI score · 0.09901 EPSS
Exploits 1 · References 3

CVE
added 2023/12/27 3:31 p.m. · 83 views

CVE-2023-7116

WeiYe-Jing datax-web 2.1.2 is affected by an OS command injection in the HTTP POST handler for /api/log/killJob, via manipulation of the processId parameter. The issue can be exploited remotely and has been disclosed publicly. Remediation recommended in connected templates is to update to a newer...

9.8 CVSS · 8.4 AI score · 0.09901 EPSS
Exploits 1 · References 3 · Affected Software 1

NVD
added 2023/12/25 1:15 a.m. · 24 views

CVE-2023-7095

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag leads to buffer...

10 CVSS · 0.137 EPSS
Exploits 1 · References 3

Prion
added 2023/12/25 1:15 a.m. · 24 views

Buffer overflow

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag leads to buffer...

10 CVSS · 7.4 AI score · 0.137 EPSS
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2023/12/25 12:31 a.m. · 21 views

CVE-2023-7095 Totolink A7100RU HTTP POST Request main buffer overflow

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag leads to buffer...

10 CVSS · 9.8 AI score · 0.137 EPSS
Exploits 1 · References 3

EUVD
added 2023/12/25 12:31 a.m. · 5 views

EUVD-2023-59279

A vulnerability, which was classified as critical, has been found in Totolink A7100RU 7.4cu.2313B20191024. Affected by this issue is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag leads to buffer...

10 CVSS · 9.7 AI score · 0.137 EPSS
Exploits 1 · References 3

CNVD
added 2023/12/20 12:0 a.m. · 6 views

Totolink A7100RU Buffer Overflow Vulnerability

The TOTOLINK A7100RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A7100RU version 7.4cu.2313B20191024 suffers from a buffer overflow vulnerability, which originates from the failure of the e8 parameter in the component HTTP POST Request Handler to correctly validate t...

10 CVSS · 8.4 AI score · 0.0185 EPSS
Exploits 1 · References 1

NVD
added 2023/12/18 4:15 a.m. · 21 views

CVE-2023-6906

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8 leads to buffer...

10 CVSS · 0.0185 EPSS
Exploits 1 · References 3

Prion
added 2023/12/18 4:15 a.m. · 29 views

Buffer overflow

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8 leads to buffer...

10 CVSS · 7.3 AI score · 0.0185 EPSS
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2023/12/18 12:0 a.m. · 26 views

CVE-2023-6906 Totolink A7100RU HTTP POST Request main buffer overflow

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8 leads to buffer...

10 CVSS · 9.8 AI score · 0.0185 EPSS
Exploits 1 · References 3

Vulnrichment
added 2023/12/18 12:0 a.m. · 9 views

CVE-2023-6906 Totolink A7100RU HTTP POST Request main buffer overflow

A vulnerability, which was classified as critical, was found in Totolink A7100RU 7.4cu.2313B20191024. Affected is the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument flag with the input ie8 leads to buffer...

10 CVSS · 9.7 AI score · 0.0185 EPSS
Exploits 1 · References 3