88843 matches found
CVE-2024-2916
A vulnerability was found in Campcodes House Rental Management System 1.0. It has been classified as critical. Affected is an unknown function of the file ajax.php. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been...
CVE-2024-2547
A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the...
CVE-2024-2813
A vulnerability was found in Tenda AC15 15.03.20multi. It has been declared as critical. This vulnerability affects the function formfastsettingwifiset of the file /goform/fastsettingwifiset. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be initiated...
CVE-2024-2808
A vulnerability, which was classified as critical, has been found in Tenda AC15 15.03.05.18/15.03.20multi. This issue affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack may be initiate...
CVE-2024-2978
A vulnerability classified as critical has been found in Tenda F1203 2.0.1.6. This affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-2981
A vulnerability, which was classified as critical, was found in Tenda FH1202 1.2.0.14408. Affected is the function formfastsettingwifiset of the file /goform/fastsettingwifiset. The manipulation of the argument ssid leads to stack-based buffer overflow. It is possible to launch the attack remotel...
CVE-2024-2987
A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14408. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...
CVE-2024-2486
A vulnerability was found in Tenda AC18 15.03.05.05. It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to initiate the attack remotely. Th...
CVE-2024-2576
A vulnerability, which was classified as critical, was found in SourceCodester Employee Task Management System 1.0. This affects an unknown part of the file /update-admin.php. The manipulation of the argument adminid leads to authorization bypass. It is possible to initiate the attack remotely. T...
CVE-2024-2990
A vulnerability, which was classified as critical, was found in Tenda FH1203 2.0.1.6. This affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The explo...
CVE-2024-2558
A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has...
CVE-2024-2891
A vulnerability, which was classified as critical, was found in Tenda AC7 15.03.06.44. Affected is the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...
CVE-2024-2703
A vulnerability classified as critical has been found in Tenda AC10U 15.03.06.49. Affected is the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit h...
CVE-2024-2901
A vulnerability has been found in Tenda AC7 15.03.06.44 and classified as critical. This vulnerability affects the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow. The attack can be initiated remotely. The...
CVE-2024-2271
A vulnerability classified as critical has been found in keerti1924 Online-Book-Store-Website 1.0. This affects an unknown part of the file /shop.php of the component HTTP POST Request Handler. The manipulation of the argument productname leads to sql injection. It is possible to initiate the...
CVE-2024-2989
A vulnerability, which was classified as critical, has been found in Tenda FH1203 2.0.1.6. Affected by this issue is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched...
CVE-2026-0649 invoiceninja Migration Import Import.php copy server-side request forgery
A security vulnerability has been detected in invoiceninja up to 5.12.38. The affected element is the function copy of the file /app/Jobs/Util/Import.php of the component Migration Import. The manipulation of the argument companylogo leads to server-side request forgery. It is possible to initiat...
CVE-2024-14020 carboneio carbone Formatter input.js prototype pollution
A weakness has been identified in carboneio carbone up to fbcd349077ad0e8748be73eab2a82ea92b6f8a7e. This impacts an unknown function of the file lib/input.js of the component Formatter Handler. Executing a manipulation can lead to improperly controlled modification of object prototype attributes...
CVE-2024-14020
CVE-2024-14020 affects carbone (Formatter Handler, lib/input.js). A prototype pollution flaw exists in the formatters input path that can enable manipulation of Object.prototype attributes. Exploitation is described as remote with high complexity; affected versions are up to fbcd349077ad0e8748be7...
PT-2026-1863
Name of the Vulnerable Software and Affected Versions OpenAirInterface CN5G AMF versions through 2.0.1 Description A logical error exists in the processing of JSON format requests. Remote attackers can send malicious JSON data to the AMF's SBI interface, potentially causing a denial-of-service...