WordPress plugin WishList Member 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2024-22543

An issue was discovered in Linksys Router E1700 1.0.04 build 3, allows authenticated attackers to escalate privileges via a crafted GET request to the /goform/ URI or via the ExportSettings function...

PT-2024-30227 · Totolink · Totolink N350Rt

Name of the Vulnerable Software and Affected Versions: TOTOLINK N350RT version V9.3.5u.6139 B20201216 Description: The issue is related to incorrect access control, allowing attackers to obtain the apmib configuration file, which contains the username and password, via a crafted request to...

CVE-2024-22543

An issue was discovered in Linksys Router E1700 1.0.04 build 3, allows authenticated attackers to escalate privileges via a crafted GET request to the /goform/ URI or via the ExportSettings function...

PT-2024-19476 · Linksys · Linksys Router E1700

Name of the Vulnerable Software and Affected Versions: Linksys Router E1700 version 1.0.04 build 3 Description: An issue was discovered in the Linksys Router E1700, allowing authenticated attackers to escalate privileges. This can be achieved via a crafted GET request to the "/goform/" URI or...

PT-2025-51744

Name of the Vulnerable Software and Affected Versions D-Link DAP-1325 firmware version 1.01 Description The device has a flaw in access control that permits unauthenticated attackers to obtain device configuration settings without needing to authenticate. Attackers can access the...

Design/Logic Flaw

TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh...

VulnCheck KEV: CVE-2022-32993

TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh...

Security feature bypass

Insecure method vulnerability in TuxScripting.dll in the TuxSystem ActiveX control in 2X ApplicationServer 10.1 Build 1224 allows remote attackers to create or overwrite arbitrary files via the ExportSettings method...

CVE-2012-1065

CVE-2012-1065 affects 2X ApplicationServer 10.1 Build 1224 via the TuxSystem ActiveX control (TuxScripting.dll). The ExportSettings() method allows remote attackers to create or overwrite arbitrary files on the target system. Nessus notes the vulnerability can be triggered by a user opening a cra...