The vulnerability of the do_setNTP() function in the POST Request Handler component of the Trendnet TEW-815DAP router’s microprogramming system allows a attacker to execute arbitrary commands.

The vulnerability of the dosetNTP function in the POST Request Handler component of the Trendnet TEW-815DAP router’s microprogramming system is related to insufficient validation of the NtpDstStart/NtpDstEnd parameter passed in the command. Exploiting this vulnerability could allow a remote...

CVE-2024-1028

A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Post Handler. The manipulation of the argument Description with the input HACKED leads to cross site scripting. T...

CVE-2024-1027

A vulnerability, which was classified as critical, was found in SourceCodester Facebook News Feed Like 1.0. Affected is an unknown function of the component Post Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The identifier of this...

CVE-2024-1027

A vulnerability, which was classified as critical, was found in SourceCodester Facebook News Feed Like 1.0. Affected is an unknown function of the component Post Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The identifier of this...

PT-2024-16155 · Sourcecodester · Sourcecodester Facebook News Feed Like

Name of the Vulnerable Software and Affected Versions: SourceCodester Facebook News Feed Like version 1.0 Description: A vulnerability has been found in the Post Handler component, allowing for cross-site scripting. The issue arises from the manipulation of the Description argument with malicious...

PT-2024-16149 · Sourcecodester · Sourcecodester Facebook News Feed Like

Name of the Vulnerable Software and Affected Versions: SourceCodester Facebook News Feed Like version 1.0 Description: A critical issue was found in the Post Handler component, allowing for unrestricted upload. This can be exploited remotely. Recommendations: For version 1.0, consider disabling t...

Path traversal

UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DIR-859 1.06B01. It has been rated as critical. Affected by this issue is some unknown functionality of the file /hedwig.cgi of the component HTTP POST Request Handler. The manipulation of the argument service with the input...

PT-2024-15635 · Allegro · Allegro Rompager

Name of the Vulnerable Software and Affected Versions: Allegro RomPager version 4.01 Description: A problematic issue was found in the HTTP POST Request Handler component, specifically in the file usertable.htm?action=delete. The manipulation of the username argument leads to cross-site request...

PT-2024-15643 · Cxbsoft · Cxbsoft Post-Office

Name of the Vulnerable Software and Affected Versions: CXBSoft Post-Office versions up to 1.0 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file /apps/reg go.php. The manipulation of the username reg argument leads to sql injection. The...

PT-2024-15640 · Unknown · Cxbsoft Url-Shorting

Name of the Vulnerable Software and Affected Versions: CXBSoft Url-shorting versions up to 1.3.1 Description: A critical issue has been found in the processing of the file /admin/pages/update go.php of the component HTTP POST Request Handler. The manipulation of the version argument leads to SQL...

CVE-2024-0496

A vulnerability was found in Kashipara Billing Software 1.0 and classified as critical. This issue affects some unknown processing of the file itemlistedit.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated...

CVE-2024-0495

A vulnerability has been found in Kashipara Billing Software 1.0 and classified as critical. This vulnerability affects unknown code of the file partysubmit.php of the component HTTP POST Request Handler. The manipulation of the argument partyname leads to sql injection. The attack can be initiat...

PT-2024-15609 · Unknown · Kashipara Billing

Name of the Vulnerable Software and Affected Versions: Kashipara Billing Software version 1.0 Description: A critical issue was found in the HTTP POST Request Handler component, specifically in the file buyer detail submit.php. The manipulation of the gstn no argument leads to sql injection. This...

PT-2024-15596 · Taokeyun · Taokeyun

Name of the Vulnerable Software and Affected Versions: Taokeyun versions up to 1.0.5 Description: A critical issue has been found, affecting the function login of the file application/index/controller/m/User.php in the HTTP POST Request Handler component. The manipulation of the username argument...

CVE-2024-0461

A vulnerability was found in code-projects Online Faculty Clearance 1.0. It has been classified as critical. Affected is an unknown function of the file deactivate.php of the component HTTP POST Request Handler. The manipulation of the argument haydi leads to sql injection. It is possible to laun...

CVE-2024-0419

A vulnerability was found in Jasper httpdx up to 1.5.4 and classified as problematic. This issue affects some unknown processing of the component HTTP POST Request Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2022-4958

A vulnerability classified as problematic has been found in qkmc-rk redbbs 1.0. Affected is an unknown function of the component Post Handler. The manipulation of the argument title leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2022-4958 qkmc-rk redbbs Post cross site scripting

A vulnerability classified as problematic has been found in qkmc-rk redbbs 1.0. Affected is an unknown function of the component Post Handler. The manipulation of the argument title leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVE-2022-4958 qkmc-rk redbbs Post cross site scripting

A vulnerability classified as problematic has been found in qkmc-rk redbbs 1.0. Affected is an unknown function of the component Post Handler. The manipulation of the argument title leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the...

qkmc-rk redbbs cross-site scripting vulnerability

qkmc-rk redbbs is an application. A cross-site scripting vulnerability exists in qkmc-rk redbbs version 1.0, which stems from a cross-site scripting XSS vulnerability in the parameter title of the component Post Handler...