13 matches found
PT-2024-36447 · Unknown · Kashipara E-Learning Management System
Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete subject.php endpoint. This vulnerability allows for potential exploitation by injecting malicious SQL code...
PT-2024-11558 · Ovaledge · Ovaledge
Name of the Vulnerable Software and Affected Versions: OvalEdge versions 5.2.8.0 and earlier Description: The issue is related to multiple Stored XSS (also known as Persistent or Type II) vulnerabilities. These vulnerabilities can be exploited via a POST request to the "/profile/updateProfile" API...
PT-2024-39096 · Sourcecodester · Sourcecodester Online Food Menu
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Food Menu version 1.0 Description: A critical issue has been found in the processing of the file /endpoint/delete-menu.php. The manipulation of the argument menu leads to SQL injection. The attack may be initiated...
PT-2024-30160 · Unknown · Kashipara Music Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Music Management System version 1.0 Description: A Stored Cross-Site Scripting (XSS) issue was found in the "/music/ajax.php?action=save music" endpoint, allowing remote attackers to execute arbitrary code via the title and artist...
PT-2024-30138 · Unknown · Kashipara Hotel Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Hotel Management System version 1.0 Description: A Cross-Site Request Forgery (CSRF) issue was found in the system via the "/admin/delete room.php" API endpoint. This allows an attacker to perform unauthorized actions on the system...
PT-2024-38754 · Genexis · Genexis Tilgin Home Gateway
Name of the Vulnerable Software and Affected Versions: Genexis Tilgin Home Gateway version 322 AS0500-03 05 13 05 Description: This issue affects some unknown processing of the file "/vood/cgi-bin/vood view.cgi?lang=EN&act=user/spec...
PT-2024-7539 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 Description: A critical vulnerability has been found in the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to a stack-based buffer overflow. This issue can be...
PT-2024-28329 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery (CSRF) issue was discovered in idccms. The vulnerability can be exploited via the "/admin/idcProData deal.php" endpoint, specifically when the mudi parameter is set to "del". This...
PT-2024-36068 · Unknown · Phpmybackuppro
Name of the Vulnerable Software and Affected Versions: PhpMyBackupPro version 2.3 Description: A vulnerability has been discovered that could allow an attacker to execute XSS through the "/phpmybackuppro/get file.php" API endpoint, using the view parameter. This could allow an attacker to create ...
PT-2024-23102 · Unknown · Sentrifugo
Name of the Vulnerable Software and Affected Versions: Sentrifugo version 3.2 Description: A Cross-Site Scripting (XSS) issue exists in Sentrifugo, specifically through the /sentrifugo/index.php/sitepreference/add endpoint, where the description parameter is vulnerable. This could allow a remote us...
PT-2024-2401 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 versions 15.03.05.18 through 15.03.20 multi Description: A critical issue has been found in the function formWifiWpsOOB of the file /goform/WifiWpsOOB. The manipulation of the argument index leads to a stack-based buffer overflow...
PT-2024-2263 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05 Description: A critical issue affects the formSetPPTPServer function of the file /goform/SetPptpServerCfg. The manipulation of the startIP argument leads to a stack-based buffer overflow. This issue can be...
PT-2023-9116 · Tenda · Tenda I6
Name of the Vulnerable Software and Affected Versions: Tenda i6 version 1.0.0.83856 Description: The issue is related to a buffer overflow vulnerability in the Wi-Fi router's firmware, specifically in the /goform/WifiMacFilterSet component. This vulnerability can be exploited by a remote...