Linksys E7350 安全漏洞

The Linksys E7350 is a wireless router device from Leadsys. A security vulnerability exists in the handling of the ifname parameter by the Linksys E7350 apcliwpsgenpincode function, which can be exploited by a remote attacker to submit a special request that can be used in the application context...

PT-2025-3414 · Linksys · Linksys E7350

Name of the Vulnerable Software and Affected Versions: Linksys E7350 version 1.1.00.032 Description: A command injection issue was discovered via the ifname parameter in the apcli wps gen pincode function. This allows for potential exploitation. Recommendations: For Linksys E7350 version...

WordPress Woocommerce check pincode/zipcode for shipping plugin <= 2.0.4 - Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Woocommerce check pincode/zipcode for shipping versions = 2.0.4...

WordPress plugin Woocommerce check pincode/zipcode for shipping 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Woocommerce...

CVE-2024-54333

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in silverplugins217 Check Pincode For Woocommerce check-pincode-for-woocommerce allows Reflected XSS.This issue affects Check Pincode For Woocommerce: from n/a through = 1.1...

CVE-2024-54333 WordPress Check Pincode For Woocommerce plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in silverplugins217 Check Pincode For Woocommerce allows Reflected XSS.This issue affects Check Pincode For Woocommerce: from n/a through 1.1...

CVE-2024-54333

CVE-2024-54333 is a reflected XSS in the WordPress plugin “Check Pincode For Woocommerce” (silverplugins217). Affected versions are up to 1.1. The vulnerability is exploitable over local/remote network with no authentication, but requires user interaction, and can affect confidentiality, integrit...

WordPress plugin Check Pincode For Woocommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...

WordPress Check Pincode For Woocommerce plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Check Pincode For Woocommerce versions = 1.1...

The vulnerability of the apcli_wps_gen_pincode function in the TOTOLINK A6000R router’s microprogramming system allows a hacker to execute arbitrary commands.

The vulnerability of the apcliwpsgenpincode function in the TOTOLINK A6000R router’s microprogramming system is related to the lack of measures taken to neutralize special elements used in the command when processing the ifname parameter. Exploiting this vulnerability allows a remote attacker to...

CVE-2024-9080

A vulnerability was found in code-projects Student Record System 1.0. It has been classified as critical. Affected is an unknown function of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. It is possible to launch the attack remotely. The explo...

CVE-2024-9080 code-projects Student Record System pincode-verification.php sql injection

A vulnerability was found in code-projects Student Record System 1.0. It has been classified as critical. Affected is an unknown function of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. It is possible to launch the attack remotely. The explo...

Code-Projects Student Record System SQL注入漏洞

Code-Projects Student Record System is a Code-Projects open source student record system. Code-Projects Student Record System version 1.0 has a SQL injection vulnerability that originates from SQL injection of the pincode parameter in the /pincode-verification.php file...

PT-2024-39414 · Unknown · Code-Projects Student Record System

Name of the Vulnerable Software and Affected Versions: code-projects Student Record System version 1.0 Description: A critical issue was found in the code-projects Student Record System. The problem is with an unknown function of the file /pincode-verification.php. The manipulation of the pincode...

PT-2024-8098 · Totolink · Totolink X6000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version V1.0.1-B20201211.2000 Description: The issue is related to the apcli wps gen pincode function in the TOTOLINK A6000R router's firmware, which fails to neutralize special elements used in a command when processing the...

TOTOLINK A6000R 安全漏洞

TOTOLINK A6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A6000R suffers from a command injection vulnerability that stems from the ifname parameter in the apcliwpsgenpincode function containing a command injection vulnerability. No details of the vulnerability are...

CVE-2024-5066

A vulnerability classified as critical was found in PHPGurukul Online Course Registration System 3.1. Affected by this vulnerability is an unknown functionality of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. The attack can be launched...

Online Course Registration SQL注入漏洞

PHPGurukul Online Course Registration is a PHP and MySQL based online course registration system from PHPGurukul, Inc. A SQL injection vulnerability exists in version 3.1 of the PHPGurukul Online Course Registration System, which stems from the parameter pincode in the file...

Linksys E5600 Command Injection Vulnerability

Linksys E5600 is a powerful, compact and reliable WiFi 5 router from Linksys USA. A command injection vulnerability exists in the Linksys E5600 v1.1.0.26, which stems from the failure of the PinCode parameter of the /API/info form endpoint to properly filter constructed command special characters...

The vulnerability of the /API/info component of the Linksys E5600 router’s microprogramming software allows a hacker to inject arbitrary commands.

The vulnerability of the /API/info component of the Linksys E5600 router’s microprogramming system lies in the lack of measures taken to neutralize special elements used in the OS commands. Exploiting this vulnerability allows a malicious actor to inject arbitrary commands using the PinCode...