Automated-Mess-Management-System Access Control Error Vulnerability

Automated-Mess-Management-System is an automated measurement management system by Boyiddhanath Roy Personal Developer. An Access Control Error vulnerability exists in Automated-Mess-Management-System version 1.0, which stems from /admin/index.php in the component Setting Handler containing unknow...

PT-2024-19571 · Unknown · Boyiddha Automated-Mess-Management-System

Name of the Vulnerable Software and Affected Versions: boyiddha Automated-Mess-Management-System version 1.0 Description: A critical issue affects the Setting Handler component of the system, specifically the /admin/index.php file, leading to improper access controls. The attack can be initiated...

The vulnerability of the Setting Handler component in the software for creating, testing, documenting, publishing, and maintaining the API interface of applications allows a perpetrator to execute arbitrary code.

The vulnerability of the Setting Handler component in software for creating, testing, documenting, publishing, and maintaining the API interface of an application relates to the copying of buffers without checking the size of input data when processing PDF files. Exploiting this vulnerability...

CVE-2024-0570

A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6265. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended t...

Improper access control

A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6265. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended t...

Information disclosure

A vulnerability classified as problematic has been found in Totolink T8 4.1.5cu.83320220905. This affects the function getSysStatusCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument ssid/key leads to information disclosure. It is possible to...

what3words Address Field < 4.0.0 - Admin+ Sensitive Information Disclosure

Description A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and classified as problematic. Affected by this vulnerability is the function enqueuescripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php of the component Setting Handler. T...

CVE-2021-4428

A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and classified as problematic. Affected by this vulnerability is the function enqueuescripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php of the component Setting Handler. The...

Information disclosure

A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and classified as problematic. Affected by this vulnerability is the function enqueuescripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php of the component Setting Handler. The...

CVE-2021-4428 what3words Autosuggest Plugin Setting class-w3w-autosuggest-public.php enqueue_scripts information disclosure

A vulnerability has been found in what3words Autosuggest Plugin up to 4.0.0 on WordPress and classified as problematic. Affected by this vulnerability is the function enqueuescripts of the file w3w-autosuggest/public/class-w3w-autosuggest-public.php of the component Setting Handler. The...

CVE-2021-4428

CVE-2021-4428 affects the what3words Autosuggest Plugin for WordPress up to version 4.0.0. The vulnerability is in the enqueue_scripts function of w3w-autosuggest/public/class-w3w-autosuggest-public.php (Setting Handler component) and can lead to information disclosure via remote exploitation. Up...

WordPress Plugin What3words Autosuggest 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure vulnerabilit...

The vulnerability of the Setting Handler component of the Elcomplus SmartPPT server allows a perpetrator to execute arbitrary code.

The vulnerability of the Setting Handler component in the Elcomplus SmartPPT server is related to authentication errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2023-0808

A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW315U54061.47/MW315U54061.471. It has been rated as problematic. This issue affects some unknown processing of the component Access Point Setting Handler. The manipulation with the input 12345678 leads to use of hard-coded password. It i...

CVE-2023-0808

A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW315U54061.47/MW315U54061.471. It has been rated as problematic. This issue affects some unknown processing of the component Access Point Setting Handler. The manipulation with the input 12345678 leads to use of hard-coded password. It i...

Hardcoded credentials

A vulnerability was found in Deye/Revolt/Bosswerk Inverter MW315U54061.47/MW315U54061.471. It has been rated as problematic. This issue affects some unknown processing of the component Access Point Setting Handler. The manipulation with the input 12345678 leads to use of hard-coded password. It i...

CVE-2019-25093

A vulnerability, which was classified as problematic, was found in dragonexpert Recent Threads on Index. Affected is the function recentthreadlistthreads of the file inc/plugins/recentthreads/hooks.php of the component Setting Handler. The manipulation of the argument recentthreadforumskip leads ...

CVE-2019-25093

A vulnerability, which was classified as problematic, was found in dragonexpert Recent Threads on Index. Affected is the function recentthreadlistthreads of the file inc/plugins/recentthreads/hooks.php of the component Setting Handler. The manipulation of the argument recentthreadforumskip leads ...

CVE-2019-25093 dragonexpert Recent Threads on Index Setting hooks.php recentthread_list_threads cross site scripting

A vulnerability, which was classified as problematic, was found in dragonexpert Recent Threads on Index. Affected is the function recentthreadlistthreads of the file inc/plugins/recentthreads/hooks.php of the component Setting Handler. The manipulation of the argument recentthreadforumskip leads ...

PT-2022-24190 · Unknown · Webfactory Under Construction Plugin

Name of the Vulnerable Software and Affected Versions: WebFactory Under Construction Plugin affected versions not specified Description: A problematic vulnerability has been found in the WebFactory Under Construction Plugin, affecting the Plugin Setting Handler component. This issue leads to...