Lucene search
+L

112 matches found

Openbugbounty
Openbugbounty
added 2024/04/04 6:2 a.m.9 views

last-minute-showboerse.de Cross Site Scripting vulnerability OBB-3899946

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Openbugbounty
Openbugbounty
added 2024/04/02 10:28 a.m.10 views

last-minute-showboerse.de Cross Site Scripting vulnerability OBB-3895783

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.6 views

PT-2024-2328 · Cisco · Cisco Ios Xr

Name of the Vulnerable Software and Affected Versions: Cisco IOS XR Software affected versions not specified Description: A vulnerability in the DHCP version 4 DHCPv4 server feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to trigger a crash of the dhcpd process,...

5.3CVSS7.1AI score0.0064EPSS
Exploits0References5
OSV
OSV
added 2024/01/11 4:15 p.m.3 views

CVE-2024-23061

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function...

9.8CVSS5.8AI score0.01728EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/01/11 12:0 a.m.6 views

TOTOLINK A3300R 安全漏洞

TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK A3300R version V17.0.0cu.557B20221024, which stems from the minute parameter of the setScheduleCfg method failing to correctly filter construct command special...

9.8CVSS7.8AI score0.01728EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/01/11 12:0 a.m.7 views

PT-2024-19653 · Totolink · Totolink A3300R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3300R version V17.0.0cu.557 B20221024 Description: A command injection issue was found via the minute parameter in the setScheduleCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK A3300R version...

9.8CVSS9.6AI score0.01728EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/01/11 12:0 a.m.35 views

CVE-2024-23061

TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function...

10AI score0.01728EPSS
Exploits1References1
Openbugbounty
Openbugbounty
added 2023/10/29 7:53 p.m.13 views

last-minute-daenemark.de Improper Access Control vulnerability OBB-3768459

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/07/07 2:35 p.m.4 views

winter-last-minute.de Cross Site Scripting vulnerability OBB-3487299

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/24 2:22 a.m.18 views

last-minute-showboerse.de Cross Site Scripting vulnerability OBB-3461630

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/06/21 10:46 a.m.12 views

minute-hebdo.fr Cross Site Scripting vulnerability OBB-3453306

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Code423n4
Code423n4
added 2023/06/14 12:0 a.m.19 views

Upgraded Q -> 2 from #327 [1686724891862]

Judge has assessed an item in Issue 327 as 2 risk. The relevant finding follows: L-04 addBid does not increment the endBlock of the auction when it is close to the end, preventing the protocol from capturing extra value When an Auction is created, it sets a lotItem.endBlock. This value remains...

6.7AI score
Exploits0
Prion
Prion
added 2023/02/03 4:15 p.m.19 views

Command injection

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the minute parameter in the setRebootScheCfg function...

7.5CVSS9.8AI score0.01915EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/02/03 12:0 a.m.5 views

TOTOLINK CA300-PoE 命令注入漏洞

The TOTOLINK CA300-PoE is a wireless access point from China Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK CA300-PoE version V6.2c.884, which is caused by a command injection issue in the minute parameter of the setRebootScheCfg method...

9.8CVSS8.4AI score0.01915EPSS
Exploits1References2
HackRead
HackRead
added 2022/12/06 10:43 a.m.16 views

NETGEAR Router Vulnerability Allowed Access to Restricted Services

By Deeba Ahmed According to Tenable research, NETGEAR had to release last-minute patches for their devices that were a part of the Pwn2Own event. This is a post from HackRead.com Read the original post: NETGEAR Router Vulnerability Allowed Access to Restricted Services...

3.4AI score
Exploits0
OSV
OSV
added 2022/11/22 2:15 p.m.4 views

CVE-2022-44193

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute , endhour, and endminute...

9.8CVSS5.8AI score0.01091EPSS
Exploits1References2
CheckPoint Security
CheckPoint Security
added 2022/11/13 12:0 a.m.16 views

VPN SNX portal may be vulnerable to brute-force attack on passwords

Cause The VPN SNX portal in the IPsec VPN Software Blade does not implement any protection against brute-force attack on usernames/passwords. Symptoms - The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender SNX. If the portal is configured for...

7.5CVSS7.2AI score0.00591EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/08/17 6:15 p.m.4 views

CVE-2022-38392

Certain 5400 RPM hard drives, for laptops and other PCs in approximately 2005 and later, allow physically proximate attackers to cause a denial of service device malfunction and system crash via a resonant-frequency attack with the audio signal from the Rhythm Nation music video. A reported produ...

5.3CVSS6AI score0.00394EPSS
Exploits0References4
CNVD
CNVD
added 2022/06/13 12:0 a.m.30 views

WordPress Five Minute Webshop plugin SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The WordPress plugin is an application plugin. WordPress Five Minute Webshop plugin 1.3.2 and previous versions are vulnerable to SQL injection, which...

4CVSS1.8AI score0.00764EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/06/08 10:15 a.m.6 views

CVE-2022-1686

The Five Minute Webshop WordPress plugin through 1.3.2 does not sanitise and escape the id parameter before using it in a SQL statement when editing a product via the admin dashboard, leading to an SQL Injection...

4CVSS5.9AI score0.00764EPSS
Exploits2References3
Rows per page
Query Builder