3 matches found
The vulnerability in the get_query function of http_microhttpd.c allows a high-performance authentication gateway, OpenNDS, to execute arbitrary code by a attacker.
The vulnerability in the getquery function of the high-performance authentication gateway OpenNDS lies in buffer overflow attacks. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending specially crafted GET requests remotely...
UBUNTU-CVE-2023-41101
An issue was discovered in the captive portal in OpenNDS before version 10.1.3. getquery in httpmicrohttpd.c does not validate the length of the query string of GET requests. This leads to a stack-based buffer overflow in versions 9.x and earlier, and to a heap-based buffer overflow in versions...
CVE-2021-24846
The getquery function of the Ni WooCommerce Custom Order Status WordPress plugin before 1.9.7, used by the niwoocosajax AJAX action, available to all authenticated users, does not properly sanitise the sort parameter before using it in a SQL statement, leading to an SQL injection, exploitable by...