539 matches found
PT-2024-22767 · Alcatel Lucent · Alcatel-Lucent Ale Noe Deskphones +1
Name of the Vulnerable Software and Affected Versions: Alcatel-Lucent ALE NOE deskphones versions 86x8 NOE-R300.1.40.12.4180 and earlier Alcatel-Lucent ALE SIP deskphones versions 86x8 SIP-R200.1.01.10.728 and earlier Description: An issue was discovered due to improper privilege management,...
PT-2024-25127 · J2Eefast · J2Eefast
Name of the Vulnerable Software and Affected Versions: J2EEFAST version 2.7.0 Description: A SQL injection issue was discovered via the sql filter parameter in the findpage function. This allows for potential exploitation. No information is provided about the estimated number of potentially...
PT-2024-25190 · Unknown · Library System
Name of the Vulnerable Software and Affected Versions: Library System version V1.0 Description: An issue in the Library System allows a remote attacker to execute arbitrary code via the FAILE variable in the student edit photo.php component. Recommendations: For Library System version V1.0,...
PT-2024-25115 · Thinksaas · Thinksaas
Name of the Vulnerable Software and Affected Versions: ThinkSAAS version 3.7.0 Description: A stored cross-site scripting (XSS) vulnerability in the component /pubs/counter.php allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the code parameter. This...
PT-2024-25747 · Totolink · Totolink Cp450
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP450 version 4.1.0cu.747 B20191224 Description: A stack buffer overflow issue was found in the SetPortForwardRules function. Recommendations: For TOTOLINK CP450 version 4.1.0cu.747 B20191224, consider disabling the SetPortForwardRul...
PT-2024-24156 · Unknown · Rg-Rsr10-01G-T(Wa)-S
Name of the Vulnerable Software and Affected Versions: RG-RSR10-01G-TW-S and RG-RSR10-01G-TWA-S routers version RSR10-01G-T-S RSR 3.01B9P2, Release07150910 Description: An issue in the routers allows attackers to execute arbitrary code via the common quick config.lua file. Recommendations: For...
PT-2024-24510 · Totolink · Totolink N300Rt
Name of the Vulnerable Software and Affected Versions: TOTOLINK N300RT version V2.1.8-B20201030.1539 Description: The issue is related to a stored cross-site scripting (XSS) vulnerability. This vulnerability is located in the Port Forwarding section under the Firewall Page. Recommendations: For...
PT-2024-24489 · Tenda · Tenda W30E
Name of the Vulnerable Software and Affected Versions: Tenda W30E version 1.0 V1.0.1.25633 Description: The issue is a command injection vulnerability in the formexeCommand function via the cmdinput parameter. This allows for potential exploitation. Recommendations: For Tenda W30E version 1.0...
PT-2024-4892 · Oracle · Oracle Complex Maintenance
Name of the Vulnerable Software and Affected Versions: Oracle Complex Maintenance, Repair, and Overhaul versions 12.2.3 through 12.2.13 Description: The issue exists due to insufficient input validation in the LOV component of the Oracle Complex Maintenance, Repair, and Overhaul product within...
PT-2024-24186 · Sourcecodester · Sourcecodester Loan Management System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Loan Management System version 1.0 Description: The issue concerns SQL Injection via the password parameter in the "login.php" file. This allows for potential unauthorized access to sensitive data. There is no information...
PT-2024-22929 · Unknown · Summernote
Name of the Vulnerable Software and Affected Versions: Summernote versions 0.8.18 and earlier Description: The issue allows a remote attacker to execute arbitrary code via a crafted payload to the codeview parameter. This enables the attacker to perform actions such as executing arbitrary code on...
PT-2024-23632 · Unknown · Phpgurukul Emergency Ambulance Hiring Portal
Name of the Vulnerable Software and Affected Versions: PHPGurukul Emergency Ambulance Hiring Portal version 1.0 Description: A critical issue has been discovered, affecting an unknown function of the file /admin/login.php of the component Admin Login Page. The manipulation of the username argumen...
PT-2024-23647 · Unknown · Phpgurukul Emergency Ambulance Hiring Portal
Name of the Vulnerable Software and Affected Versions: PHPGurukul Emergency Ambulance Hiring Portal version 1.0 Description: A critical issue has been found in the Ambulance Tracking Page component, specifically in the file ambulance-tracking.php. The manipulation of the searchdata argument leads...
PT-2024-14897
Name of the Vulnerable Software and Affected Versions: Egehan Security WebPDKS versions through 20240329 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. The vendor w...
PT-2024-22386 · Unknown · Open Source Medicine Ordering System
Name of the Vulnerable Software and Affected Versions: Open Source Medicine Ordering System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the date parameter at the "/admin/reports/index.php" API endpoint. Recommendations: F...
PT-2024-20819 · Unknown · Magesh-K21 Online-College-Event-Hall-Reservation-System
Name of the Vulnerable Software and Affected Versions: MAGESH-K21 Online-College-Event-Hall-Reservation-System version 1.0 Description: A problem was found in the system, affecting some unknown functionality of the file /admin/bookdate.php. The issue involves the manipulation of the id argument,...
PT-2024-19356 · Ibm · Ibm Infosphere Information Server
Name of the Vulnerable Software and Affected Versions: IBM InfoSphere Information Server version 11.7 Description: The issue concerns the storage of potentially sensitive information in log files by IBM InfoSphere Information Server, which could be accessed by a local user. Recommendations: For I...
PT-2024-2053 · Ibm · Ibm Engineering Requirements Management Doors
Name of the Vulnerable Software and Affected Versions: IBM Engineering Requirements Management versions 9.7.2.7 Description: The issue exists due to insufficient protection of the web page structure, allowing a remote attacker to exploit it and potentially disclose protected information. This...
PT-2024-13730 · Ellucian · Ellucian Banner
Name of the Vulnerable Software and Affected Versions: Ellucian Banner version 9.17 Description: The issue allows Insecure Direct Object Reference (IDOR) via a modified bannerId to the "/StudentSelfService/ssb/studentCard/retrieveData" endpoint. This means an attacker could potentially access...
PT-2024-20072 · Samsung · Samsung Magician
Name of the Vulnerable Software and Affected Versions: Samsung Magician PC Software version 8.0.0 Description: The issue is related to improper privilege control for a named pipe, allowing a local attacker to read privileged data. This could potentially lead to unauthorized access to sensitive...