136 matches found
PT-2023-11592 · Feehicms · Feehicms
Name of the Vulnerable Software and Affected Versions: Feehicms version 2.0.8 Description: The issue allows a remote attacker to execute arbitrary code via the "/admin/index.php?r=admin-user%2Fupdate-self" component. This is a File Upload vulnerability, which can be exploited by a remote attacker...
PT-2023-24168 · Minical · Minical
Name of the Vulnerable Software and Affected Versions: miniCal version 1.0.0 Description: A critical issue affects the processing of the file /booking/show bookings/. The manipulation of the search query argument leads to SQL injection. The attack may be initiated remotely. The exploit has been...
PT-2023-25000 · Bloofox · Bloofox
Name of the Vulnerable Software and Affected Versions: bloofox version 0.5.2.1 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the pid parameter at the "admin/index.php?mode=settings&page=plugins&action=edit" endpoint. Recommendations: F...
PT-2023-22400 · Unknown · Facemoji Emoji Keyboard
Name of the Vulnerable Software and Affected Versions: Facemoji Emoji Keyboard version 2.9.1.2 Description: The issue allows unauthorized apps to cause escalation of privilege attacks by manipulating a component. Recommendations: For Facemoji Emoji Keyboard version 2.9.1.2, consider restricting...
PT-2023-3470 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a use-after-free flaw in the Netfilter subsystem of the Linux kernel when processing named and anonymous sets in batch requests. This can lead to performing...
PT-2023-22377 · Unknown · Bt21 X Bts Wallpaper
Name of the Vulnerable Software and Affected Versions: BT21 x BTS Wallpaper app version 12 for Android Description: The issue allows unauthorized applications to request permission to insert data into the database that records user personal preferences. This data is loaded into memory when the...
PT-2023-21861 · Unknown · Simple Design Daily Journal +1
Name of the Vulnerable Software and Affected Versions: Simple Design Daily Journal version 1.012.GP.B Description: A vulnerability has been found in the SQLite Database component, leading to cleartext storage in a file or on disk. The manipulation can be launched on the local host. The exploit ha...
PT-2023-3380 · Sourcecodester · Sourcecodester Lost/Found Information System
Name of the Vulnerable Software and Affected Versions: SourceCodester Lost and Found Information System version 1.0 Description: A critical issue has been found in the component "admin/?page=items/view item" of the SourceCodester Lost and Found Information System, related to the lack of protectio...
PT-2023-23517 · Unknown · Jerryscript
Name of the Vulnerable Software and Affected Versions: Jerryscript version 3.0 commit 1a2c047 Description: An Assertion Failure was discovered in Jerryscript via the jmem heap finalize function at jerry-core/jmem/jmem-heap.c. Recommendations: For Jerryscript version 3.0 commit 1a2c047, consider...
PT-2023-3315 · Cisco · Cisco Small Business Rv320 +1
Name of the Vulnerable Software and Affected Versions: Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers affected versions not specified Description: The web-based management interface of the affected devices has insufficient validation of user-supplied input, allowing an...
PT-2023-17251 · Sourcecodester · Sourcecodester Police Crime Record Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Police Crime Record Management System version 1.0 Description: A critical issue affects the GET Parameter Handler component in the /officer/assigncase.php file. The manipulation of the caseid argument leads to SQL injection,...
PT-2023-2355 · Libde265 +5 · Libde265 +5
Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.11 Description: The issue is related to a heap buffer overflow in the derive collocated motion vectors function at motion.cc. This can be exploited by a remote attacker to impact the confidentiality, integrity, and...
PT-2023-16899 · Unknown · Guizhou 115Cms
Name of the Vulnerable Software and Affected Versions: Guizhou 115cms version 4.2 Description: A problematic issue has been found in Guizhou 115cms, affecting an unknown function of the file /admin/content/index. This issue leads to unrestricted upload and can be launched remotely. The exploit ha...
PT-2023-2337 · Unknown · Rg-Ew1200G Pro Wireless Routers +2
Name of the Vulnerable Software and Affected Versions: RG-EW1200G PRO Wireless Routers version EW 3.01B11P204 RG-EW1800GX PRO Wireless Routers version EW 3.01B11P204 RG-EW3200GX PRO Wireless Routers version EW 3.01B11P204 Description: The issue is related to the lack of input data sanitization in...
PT-2023-16617 · Sourcecodester · Sourcecodester Auto Dealer Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Auto Dealer Management System version 1.0 Description: A critical issue has been discovered, affecting an unknown function of the file /adms/admin/?page=user/manage user. The manipulation of the id argument leads to SQL...
PT-2023-14640 · Eq · Eq
Name of the Vulnerable Software and Affected Versions: EQ versions 1.5.31 through 2.2.0 Description: The issue is a SQL injection vulnerability that can be exploited via the UserPwd parameter. This allows for potential unauthorized access to sensitive data. Recommendations: For EQ versions 1.5.31...
PT-2023-10554 · Unknown · Insteon Hub
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub. Specially crafted commands sent through the PubNub service can cause a...
PT-2023-10551 · Unknown +1 · Insteon Hub +1
Name of the Vulnerable Software and Affected Versions: Insteon Hub version 1012 Description: Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel. Specially crafted commands sent through the PubNub service can cause a stack-based buffer...
PT-2022-26368 · Sourcecodester · Sourcecodester Event Registration System
Name of the Vulnerable Software and Affected Versions: SourceCodester Event Registration System version 1.0 Description: A vulnerability has been found in the SourceCodester Event Registration System, allowing for cross site scripting through the manipulation of the First Name/Last Name argument ...
PT-2022-5718 · NetGear · Netgear R7000P
Name of the Vulnerable Software and Affected Versions: Netgear R7000P versions V1.3.0.8 through V1.3.1.64 Description: The issue is related to a buffer overflow error via parameters stamode dns1 pri and stamode dns1 sec. This can allow a remote attacker to execute arbitrary code through these...