103 matches found
PT-2023-9010 · Tp Link · Eap225 V3
Name of the Vulnerable Software and Affected Versions: Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 version 5.1.0 Build 20220926 Description: A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality. This issue is related to the...
Ray Operating System Command Injection Vulnerability
Ray is a unified framework for scaling AI and Python applications open-sourced by ray-project. Ray suffers from an OS command injection vulnerability that stems from a command injection vulnerability in the cpuprofile URL parameter. An attacker can exploit this vulnerability to run the Ray...
CVE-2023-46800
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the viewprofile.php resource does not validate the characters received and they are sent unfiltered to the database...
PT-2023-8891
Name of the Vulnerable Software and Affected Versions Ray versions affected versions not specified Description The issue exists due to the lack of neutralization of special elements used in operating system commands. This allows a remote attacker to execute arbitrary commands using specially...
Design/Logic Flaw
The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmppupdateprofile' function. This makes it possible for authenticated attackers, with minimal...
CVE-2023-31934
Cross Site Scripting vulnerability found in Rail Pass Management System v.1.0 allows a remote attacker to obtain sensitive information via the adminname parameter of admin-profile.php...
Simple Customer Relationship Management SQL注入漏洞
Simple Customer Relationship Management Simple CRM is a Simple Customer Relationship Management System by Carlo Montero Personal Developer. A security vulnerability exists in Simple Customer Relationship Management System v1.0, which originates from a SQL injection vulnerability in the query...
The vulnerability of the ImageMagick graphics editor, related to resource management errors, allows a hacker to cause a service failure.
The vulnerability of the ImageMagick graphics editor is related to resource management errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure using the “profile” parameter...
The vulnerability of the ImageMagick graphic editor lies in errors during the processing of input data, allowing attackers to gain access to protected information.
The vulnerability of the ImageMagick graphic editor is related to errors in processing input data. Exploiting this vulnerability can allow an attacker to gain access to protected information using the “profile” parameter...
PT-2023-1301
Name of the Vulnerable Software and Affected Versions ImageMagick version 7.1.0-49 Description The issue is related to errors in processing input data, which can allow a remote attacker to access protected information using the profile parameter. When ImageMagick parses a PNG image, the resulting...
CVE-2021-41325
Broken access control for user creation in Pydio Cells 2.2.9 allows remote anonymous users to create standard users via the profile parameter. In addition, such users can be granted several admin permissions via the Roles parameter...
Abstrium Pydio Cells 安全漏洞
Abstrium Pydio Cells is a next-generation file-sharing platform developed in the Go language by French company Abstrium. A security vulnerability exists in Pydio Cells 2.2.9 that allows remote anonymous users to create standard users via the profile parameter...
CVE-2021-33547
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code...
CVE-2021-33547
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to a stack-based buffer overflow condition in the profile parameter which may allow an attacker to remotely execute arbitrary code...
CVE-2021-31655
Cross Site Scripting XSS vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi...
CVE-2021-31655
Cross Site Scripting XSS vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi...
Cross site scripting
Cross Site Scripting XSS vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi...
CVE-2021-31655
Cross Site Scripting XSS vulnerability in TRENDnet TV-IP110WN V1.2.2.64 V1.2.2.65 V1.2.2.68 via the profile parameter. in a GET request in view.cgi...
Trendnet TRENDnet TV-IP110WN 跨站脚本漏洞
The Trendnet TRENDnet TV-IP110WN is a wireless webcam from Trendnet. The Trendnet TRENDnet TV-IP110WN suffers from a cross-site scripting vulnerability that stems from an XSS vulnerability in the profile parameter in /admin/view.cgi...
Geutebrück G-Cam E2 和 G-Code 缓冲区错误漏洞
Geutebrück G-Cam E2 is a camera from manualslib.Geutebrück G-Code is an analog video encoder module from Geutebrück, Germany. A buffer error vulnerability exists in Geutebrück G-Cam E2 and G-Code, which stems from a stack-based buffer overflow in the profile parameter. This could allow an attacke...