3858 matches found
CVE-2024-6179
LG SuperSign CMS is affected by a Reflected XSS due to improper input neutralization during web page generation. Affected versions are 4.1.3 up to 4.3.0 (before 4.3.1). Root cause: insufficient input neutralization in the page generation flow. Remediation: upgrade to 4.3.1 or later as indicated b...
CVE-2024-6179 XSS vulnerability in LG SuperSign CMS
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...
CVE-2024-6178 XSS vulnerability in LG SuperSign CMS
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...
CVE-2024-6178
CVE-2024-6178 describes a cross-site scripting vulnerability inLG Electronics’ SuperSign CMS. The issue arises from improper input neutralization during web page generation and enables reflected XSS . Affected versions are SuperSign CMS 4.1.3 through 4.3.0 (i.e., before 4.3.1). The connected sour...
CVE-2024-6177 XSS vulnerability in LG SuperSign CMS
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in LG Electronics SuperSign CMS allows Reflected XSS. This issue affects SuperSign CMS: from 4.1.3 before 4.3.1...
CVE-2024-6177
CVE-2024-6177 affects LG Electronics SuperSign CMS. A Reflected XSS vulnerability arises from improper input neutralization during web page generation, impacting versions 4.1.3 up to, but not including, 4.3.1. Exploitation leads to client-side script execution with low impact to confidentiality a...
CVE-2024-6176 Port scanning vulnerability in LG SuperSign CMS
Allocation of Resources Without Limits or Throttling vulnerability in LG Electronics LG SuperSign CMS allows Port Scanning.This issue affects LG SuperSign CMS: from 4.1.3 before 4.3.1...
CVE-2024-6176
CVE-2024-6176 concerns LG Electronics LG SuperSign CMS, affecting versions from 4.1.3 up to but not including 4.3.1. The issue stems from allocation of resources without limits or throttling, enabling port scanning against vulnerable deployments. Connected sources confirm the affected product and...
CVE-2024-6176 Port scanning vulnerability in LG SuperSign CMS
Allocation of Resources Without Limits or Throttling vulnerability in LG Electronics LG SuperSign CMS allows Port Scanning.This issue affects LG SuperSign CMS: from 4.1.3 before 4.3.1...
Actiontec Electronics WEB6000Q Security Vulnerability
Actiontec Electronics WEB6000Q is a wireless extender from Actiontec Electronics, Inc. A security vulnerability exists in the Actiontec Electronics WEB6000Q that stems from a lack of proper validation of the length of user-supplied data before it is copied into a fixed-length buffer. An attacker...
CVE-2024-6003 Guangdong Baolun Electronics IP Network Broadcasting Service Platform maps sql injection
A vulnerability was found in Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0. It has been classified as critical. Affected is an unknown function of the file /api/v2/maps. The manipulation of the argument orderColumn leads to sql injection. It is possible to launch the...
CVE-2024-6003
CVE-2024-6003 affects Guangdong Baolun Electronics IP Network Broadcasting Service Platform 2.0. The vulnerability is in an unknown function of the file /api/v2/maps, caused by manipulation of the argument orderColumn that leads to SQL injection . It can be exploited remotely, and the exploit has...
Guangdong Baolun Electronics IP Network Broadcasting Service Platform SQL Injection Vulnerability
Guangdong Baolun Electronics IP Network Broadcasting Service Platform is an electronic IP network broadcasting service platform of Guangdong Baolun Electronics, China. A SQL injection vulnerability exists in the Guangdong Baolun Electronics IP Network Broadcasting Service Platform version 2.0,...
CVE-2024-5951
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...
CVE-2024-5951
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...
CVE-2024-5952
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability...
CVE-2024-5947
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5948
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...
CVE-2024-5949
Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit th...
CVE-2024-5949
Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit th...