999 matches found
CVE-2024-12183
A vulnerability, which was classified as problematic, was found in DedeCMS 5.7.116. This affects the function RemoveXSS of the file /plus/carbuyaction.php of the component HTTP POST Request Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Th...
CVE-2024-11860
A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=deletetenant of the component POST Request Handler. The manipulation of the argument id leads to improper authorization...
CVE-2024-11860
A vulnerability classified as critical has been found in SourceCodester Best House Rental Management System 1.0. This affects an unknown part of the file /rental/ajax.php?action=deletetenant of the component POST Request Handler. The manipulation of the argument id leads to improper authorization...
CVE-2024-11860
CVE-2024-11860 affects SourceCodester Best House Rental Management System 1.0. The vulnerability exists in the POST Request Handler, specifically the file path /rental/ajax.php?action=delete_tenant, where manipulation of the argument id leads to improper authorization. This can be exploited remot...
CVE-2024-10351 Tenda RX9 Pro POST Request setMacFilterCfg sub_424CE0 stack-based overflow
A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack...
CVE-2024-10351 Tenda RX9 Pro POST Request setMacFilterCfg sub_424CE0 stack-based overflow
A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack...
CVE-2024-10351
The CVE-2024-10351 vulnerability affects Tenda RX9 Pro (version 22.03.02.20) in the POST handler function /goform/setMacFilterCfg, sub_424CE0. Manipulating the deviceList argument leads to a stack-based buffer overflow, allowing remote exploitation and potentially arbitrary code execution. Public...
CVE-2024-9974
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=addtocard of the component POST Request Handler. The manipulation of the argument productid leads to s...
CVE-2024-9974
The CVE-2024-9974 entry concerns SourceCodester Online Eyewear Shop 1.0. Affected functionality is in the POST Request Handler, specifically the file classes/Master.php?f=add_to_card, where manipulating the product_id parameter leads to SQL injection. Remote exploitation is possible and public ex...
CVE-2024-9974 SourceCodester Online Eyewear Shop POST Request Master.php sql injection
A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file classes/Master.php?f=addtocard of the component POST Request Handler. The manipulation of the argument productid leads to s...
PT-2024-39972 · Unknown · Sourcecodester Online Eyewear Shop
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Eyewear Shop version 1.0 Description: A critical issue has been found in the software, affecting an unknown functionality of the file classes/Master.php?f=add to card of the component POST Request Handler. The manipulati...
Regular Expression Denial Of Service (ReDoS)
langflow is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability is due to improper handling of the remainingtext argument in the HTTP POST Request Handler, allowing an attacker to exploit the inefficient regular expression patterns and causes excessive resource consumption...
CVE-2024-9513
A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. Affected by this issue is some unknown functionality of the file /controller/api/Answer/ReturnUserQuestionsFilled of the component HTTP POST Request Handler. The manipulation of the argument...
CVE-2024-9513
NetAdmin IAM (Netadmin Software) up to version 3.5 has a vulnerability in the HTTP POST Request Handler at /controller/api/Answer/ReturnUserQuestionsFilled. The issue arises from improper manipulation of the username parameter, causing information exposure via discrepancy. Impact is limited to co...
GHSA-355V-2RJX-FPX7 Inefficient Regular Expression Complexity in langflow
A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remainingtext leads to...
Inefficient Regular Expression Complexity in langflow
A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remainingtext leads to...
CVE-2024-9277
A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remainingtext leads to...
CVE-2024-9277
A vulnerability classified as problematic was found in Langflow up to 1.0.18. Affected by this vulnerability is an unknown functionality of the file \src\backend\base\langflow\interface\utils.py of the component HTTP POST Request Handler. The manipulation of the argument remainingtext leads to...
PT-2024-39535 · Langflow · Langflow
Name of the Vulnerable Software and Affected Versions: Langflow versions up to 1.0.18 Description: A problematic vulnerability was found in Langflow, affecting an unknown functionality of the file srcbackendbaselangflowinterfaceutils.py of the component HTTP POST Request Handler. The manipulation...
CVE-2024-8133
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been declared as critical. This...