Lucene search
K

346 matches found

Cvelist
Cvelist
added 2024/10/10 2:0 p.m.23 views

CVE-2024-9788 LyLme_spage tag.php sql injection

A vulnerability has been found in LyLmespage 1.9.5 and classified as critical. This vulnerability affects unknown code of the file /admin/tag.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may...

5.8CVSS0.00547EPSS
Exploits1References4
CVE
CVE
added 2024/09/15 12:31 a.m.47 views

CVE-2024-8864

CVE-2024-8864 affects ComposioHQ Composio up to 0.5.6. The vulnerability targets the Calculator function in python/composio/tools/local/mathematical/actions/calculator.py, where input manipulation enables code injection and arbitrary code execution. The public exploit is disclosed; vendor respons...

8.8CVSS6.3AI score0.00823EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/09/14 8:15 p.m.59 views

CVE-2024-8862

A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Connection Handler. The manipulation of the argument query leads to deserialization. The attack may be...

9.8CVSS0.01328EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/09/10 7:31 p.m.12 views

CVE-2024-8655 Mercury MNVR816 web-static file access

A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as problematic. This affects an unknown part of the file /web-static/. The manipulation leads to files or directories accessible. It is possible to initiate the attack remotely. The exploit has been disclosed to...

6.9CVSS5.3AI score0.00455EPSS
Exploits0References3
NVD
NVD
added 2024/09/08 8:15 p.m.20 views

CVE-2024-8579

A vulnerability classified as critical has been found in TOTOLINK AC1200 T8 4.1.5cu.861B20230220. This affects the function setWiFiRepeaterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. It is possible to initiate the attack remotely. The...

9.8CVSS0.01349EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/09/08 4:31 p.m.17 views

CVE-2024-8575 TOTOLINK AC1200 T8 cstecgi.cgi setWiFiScheduleCfg buffer overflow

A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.861B20230220 and classified as critical. This issue affects the function setWiFiScheduleCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument desc leads to buffer overflow. The attack may be initiated remotely. The exploit h...

9CVSS7AI score0.01091EPSS
Exploits1References5
NVD
NVD
added 2024/09/08 11:15 a.m.22 views

CVE-2024-8574

A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.861B20230220 and classified as critical. This vulnerability affects the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument slaveIpList leads to os command injection. The attack can be initiated...

8.8CVSS0.03077EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/09/08 2:31 a.m.23 views

CVE-2024-8568 Mini-Tmall 1 rewardMapper.select sql injection

A vulnerability, which was classified as critical, was found in Mini-Tmall up to 20240901. Affected is the function rewardMapper.select of the file tmall/admin/order/1/1. The manipulation of the argument orderBy leads to sql injection. It is possible to launch the attack remotely. The exploit has...

6.5CVSS0.00493EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/09/07 9:0 a.m.25 views

CVE-2024-8523 lmxcms SQL Command Execution Module admin.php formatData code injection

A vulnerability was found in lmxcms up to 1.4 and classified as critical. Affected by this issue is the function formatData of the file /admin.php?m=Acquisi&a=testcj&lid=1 of the component SQL Command Execution Module. The manipulation of the argument data leads to code injection. The attack may ...

5.8CVSS0.0096EPSS
Exploits1References4
CVE
CVE
added 2024/09/07 9:0 a.m.57 views

CVE-2024-8523

CVE-2024-8523 affects lmxcms up to version 1.4. The vulnerable component is the function formatData in the file /admin.php?m=Acquisi&a=testcj&lid=1 of the SQL Command Execution Module . Manipulation of the argument data leads to code injection. The issue can be exploited remotely, and the exploit...

7.2CVSS5.6AI score0.0096EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2024/08/29 1:15 p.m.34 views

CVE-2024-8296

A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. This issue affects the function insert of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument Useravatar leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

9.8CVSS0.00756EPSS
Exploits1References4
OSV
OSV
added 2024/08/29 12:31 p.m.22 views

GHSA-XXQW-83C7-R24R FeehiCMS file upload vulnerability

A vulnerability, which was classified as critical, was found in FeehiCMS up to 2.1.1. This affects the function update of the file /admin/index.php?r=friendly-link%2Fupdate. The manipulation of the argument FriendlyLinkimage leads to unrestricted upload. It is possible to initiate the attack...

6.3CVSS7.9AI score0.00756EPSS
Exploits1References6
NVD
NVD
added 2024/08/29 11:15 a.m.36 views

CVE-2024-5987

The WP Accessibility Helper WAH plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'savecontrastvariations' and 'saveemptycontrastvariations' functions in all versions up to, and including, 0.6.2.8. This makes it possible for...

5.4CVSS0.00264EPSS
Exploits0References2
NVD
NVD
added 2024/08/28 12:15 a.m.31 views

CVE-2024-8226

A vulnerability has been found in Tenda O1 1.0.0.710648 and classified as critical. Affected by this vulnerability is the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be launched remotely. The explo...

9.8CVSS0.01255EPSS
Exploits1References5
NVD
NVD
added 2024/08/27 11:15 p.m.18 views

CVE-2024-8225

A vulnerability, which was classified as critical, was found in Tenda G3 15.11.0.20. Affected is the function formSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument sysTimePolicy leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

9.8CVSS0.01213EPSS
Exploits1References5
CVE
CVE
added 2024/08/27 11:0 p.m.58 views

CVE-2024-8225

The CVE-2024-8225 vulnerability affects Tenda G3 devices (version 15.11.0.20) in the formSetSysTime function (/goform/SetSysTimeCfg). The root cause is manipulation of the sysTimePolicy argument, causing a stack-based buffer overflow. This can be exploited remotely, and public exploits have been ...

9.8CVSS8.9AI score0.01213EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2024/08/27 6:15 p.m.20 views

CVE-2024-8208

A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file editClient.php. The manipulation of the argument AGENT ID leads to cross site scripting. The attack can ...

6.1CVSS0.00303EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/27 5:31 p.m.21 views

CVE-2024-8208 nafisulbari/itsourcecode Insurance Management System editClient.php cross site scripting

A vulnerability has been found in nafisulbari/itsourcecode Insurance Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file editClient.php. The manipulation of the argument AGENT ID leads to cross site scripting. The attack can ...

5.3CVSS6.1AI score0.00303EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/08/22 8:31 p.m.25 views

CVE-2024-8078 TOTOLINK AC1200 T8 setTracerouteCfg buffer overflow

A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228. It has been declared as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to buffer overflow. The attack can be initiated remotely. NOTE: The vendor was contacted early about this...

9CVSS0.01043EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/08/22 8:0 p.m.17 views

CVE-2024-8077 TOTOLINK AC1200 T8 setTracerouteCfg os command injection

A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228. It has been classified as critical. This affects the function setTracerouteCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. NOTE: The vendor was contacted early about this...

6.5CVSS7.6AI score0.02949EPSS
Exploits1References4
Rows per page
Query Builder