CVE-2024-11848

CVE-2024-11848 affects NitroPack – Caching & Speed Optimization for WordPress. The vulnerability is due to a missing capability check on the nitropack_dismiss_notice_forever AJAX action in NitroPack versions up to 1.17.0, enabling authenticated attackers with subscriber-level access and above to ...

CVE-2024-39769

Multiple buffer overflow vulnerabilities exist in the internet.cgi setqos functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This...

CVE-2024-39294

A buffer overflow vulnerability exists in the adm.cgi setwzdgw4G functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2024-36272

A buffer overflow vulnerability exists in the usbip.cgi setinfo functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger this vulnerability...

CVE-2024-39294

Affected software / component: Wavlink AC3000, model M33A8.V5030.210505; vulnerable function in adm.cgi set_wzdgw4G(). Root cause & vulnerability type: Buffer overflow caused by missing length checks when handling POST data in set_wzdgw4G(), allowing stack-based overflow. Impact (as stated): Pote...

CVE-2024-39785

Multiple command execution vulnerabilities exist in the nas.cgi adddir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...

CVE-2024-27778

CVE-2024-27778 : Fortinet FortiSandbox OS command injection vulnerability (CWE-78). An authenticated attacker with at least read-only privileges can execute unauthorized OS commands via crafted requests. Affected FortiSandbox versions span 3.0.5–3.0.7, 3.1, 3.2, 4.0.0–4.0.4, 4.2.1–4.2.6, and 4.4....

Wavlink AC3000 adm.cgi rep_as_bridge() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2025 Wavlink AC3000 adm.cgi repasbridge buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-37184 SUMMARY A buffer overflow vulnerability exists in the adm.cgi repasbridge functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted...

Wavlink AC3000 adm.cgi set_wzdgw4G() buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-2026 Wavlink AC3000 adm.cgi setwzdgw4G buffer overflow vulnerability January 14, 2025 CVE Number CVE-2024-39294 SUMMARY A buffer overflow vulnerability exists in the adm.cgi setwzdgw4G functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HT...

Hewlett Packard Enterprise ArubaOS 安全漏洞

Hewlett Packard Enterprise ArubaOS HPE ArubaOS is a networked wireless operating system from Hewlett Packard Enterprise. A security vulnerability exists in Hewlett Packard Enterprise ArubaOS that stems from an authenticated parameter injection vulnerability, which can be exploited successfully to...

CVE-2023-42240

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /monitor/sscheduledfile.php...

CVE-2023-42237

An issue was discovered in Selesta Visual Access Manager VAM prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple GET parameters of /vam/vamicommand.php...

CVE-2024-11386

CVE-2024-11386 affects the GatorMail SmartForms WordPress plugin (versions up to and including 1.1.0). It allows Stored Cross-Site Scripting via the gatormailsmartform shortcode due to insufficient input sanitization/output escaping. Exploitation requires at least contributor-level authentication...

CVE-2024-12116 Unlimited Theme Addon For Elementor and WooCommerce <= 1.2.2 - Authenticated (Contributor+) Post Disclosure

The Unlimited Theme Addon For Elementor and WooCommerce plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.2 via the 'uta-template' shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated...

CVE-2024-54998

MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:id/debts/create...

CVE-2024-43658

CVE-2024-43658 concerns Iocharger Home firmware prior to 25010801. The issue is a patch traversal/external control of file name or path vulnerability that allows an authenticated attacker to delete arbitrary files on the charging station, potentially removing binaries and compromising integrity a...

CVE-2024-43653 Authenticated command injection in the <redacted> action leads to full remote code execution as root on the charging station

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability allows OS Command Injection as root This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: Moderate – The binary does not seem to be used by the web interface,...

CVE-2024-11830

The PDF Flipbook, 3D Flipbook—DearFlip plugin for WordPress is vulnerable to Stored Cross-Site Scripting via outline settings in all versions up to 2.3.52 due to insufficient input sanitization and output escaping on user-supplied data. This makes it possible for authenticated attackers with...

CVE-2024-11830

CVE-2024-11830 affects Dear Flipbook – PDF Flipbook, 3D Flipbook (WordPress plugin) up to version 2.3.52, enabling Stored XSS via outline settings with authenticated (contributor+) access. Wordfence notes patched status (no exploit/vector details provided in the documents). Red Hat and other entr...

CVE-2024-12328 MAS Elementor <= 1.1.7 - Authenticated (Author+) Stored Cross-Site Scripting via SVG

The MAS Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, ...