1593 matches found

Prion
added 2024/01/09 7:15 p.m. · 14 views

Path traversal

A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /app/api/controller/default/File.php of the component GET Request Handler. The manipulation of the argument path leads to path traversal: '../filedir'. The explo...

2.7 CVSS · 7.2 AI score · 0.0029 EPSS
Exploits 0 · References 3 · Affected Software 1
Vulnrichment
added 2024/01/09 6:55 p.m. · 5 views

CVE-2024-0341 Inis GET Request File.php path traversal

A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /app/api/controller/default/File.php of the component GET Request Handler. The manipulation of the argument path leads to path traversal: '../filedir'. The explo...

3.5 CVSS · 7.6 AI score · 0.0029 EPSS
Exploits 0 · References 3
Cvelist
added 2024/01/09 6:55 p.m. · 12 views

CVE-2024-0341 Inis GET Request File.php path traversal

A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /app/api/controller/default/File.php of the component GET Request Handler. The manipulation of the argument path leads to path traversal: '../filedir'. The explo...

3.5 CVSS · 7.8 AI score · 0.0029 EPSS
Exploits 0 · References 3
NVD
added 2024/01/09 4:15 p.m. · 14 views

CVE-2023-7222

A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The atta...

9.8 CVSS · 7.8 AI score · 0.00192 EPSS
Exploits 1 · References 3
Prion
added 2024/01/09 4:15 p.m. · 20 views

Buffer overflow

A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The atta...

8.3 CVSS · 7.3 AI score · 0.00192 EPSS
Exploits 1 · References 3 · Affected Software 1
NVD
added 2024/01/09 2:15 p.m. · 12 views

CVE-2023-7221

A vulnerability was found in Totolink T6 4.1.9cu.5241B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer overflow. It is possibl...

10 CVSS · 9.7 AI score · 0.00468 EPSS
Exploits 1 · References 3
Prion
added 2024/01/09 2:15 p.m. · 19 views

Buffer overflow

A vulnerability was found in Totolink T6 4.1.9cu.5241B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer overflow. It is possibl...

10 CVSS · 7.3 AI score · 0.00468 EPSS
Exploits 1 · References 3 · Affected Software 1
CVE
added 2024/01/09 2:00 p.m. · 59 views

CVE-2023-7221

Totolink T6 (version 4.1.9cu.5241_B20210923) is affected by CVE-2023-7221. A buffer overflow exists in the HTTP POST Request Handler at /cgi-bin/cstecgi.cgi?action=login, triggered by manipulating the v41 argument. The vulnerability can be exploited remotely and has been disclosed publicly. Sever...

10 CVSS · 9.5 AI score · 0.00468 EPSS
Exploits 1 · References 3 · Affected Software 1
NVD
added 2024/01/08 6:15 a.m. · 7 views

CVE-2024-0300

A vulnerability was found in Byzoro Smart S150 Management Platform up to 20240101. It has been rated as critical. Affected by this issue is some unknown functionality of the file /useratte/userattestation.php of the component HTTP POST Request Handler. The manipulation of the argument webimg lead...

9.8 CVSS · 7.1 AI score · 0.0093 EPSS
Exploits 1 · References 4
Prion
added 2024/01/07 7:15 p.m. · 24 views

Stack overflow

A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6139B20201216. Affected by this vulnerability is the function main of the file /cgi-bin/cstecgi.cgi?action=login&flag=1 of the component HTTP POST Request Handler. The manipulation of the argument v33 leads to stack-based...

6.5 CVSS · 7.3 AI score · 0.00084 EPSS
Exploits 1 · References 3 · Affected Software 1
CVE
added 2024/01/07 7:00 p.m. · 48 views

CVE-2023-7213

CVE-2023-7213 affects Totolink N350RT (9.3.5u.6139_B20201216) in the HTTP POST Request Handler, specifically the function main at /cgi-bin/cstecgi.cgi?action=login&flag=1. The vulnerability arises from manipulating the argument v33, causing a stack-based buffer overflow that can be triggered remo...

8.8 CVSS · 8.8 AI score · 0.00084 EPSS
Exploits 1 · References 3 · Affected Software 1
CVE
added 2024/01/07 3:31 a.m. · 78 views

CVE-2024-0263

CVE-2024-0263 affects ACME Ultra Mini HTTPd 1.21, specifically the HTTP GET Request Handler. The documented issue is a remote, unauthenticated denial of service caused by manipulation of this handler. Several connected sources confirm the impact is DoS and that a patch is recommended to fix the v...

7.5 CVSS · 7.5 AI score · 0.00166 EPSS
Exploits 1 · References 5 · Affected Software 1
Positive Technologies
added 2024/01/06 12:00 a.m. · 2 views

PT-2024-15423 · Acme · Acme Ultra Mini Httpd

Name of the Vulnerable Software and Affected Versions: ACME Ultra Mini HTTPd version 1.21 Description: A vulnerability was found in the HTTP GET Request Handler component, which can lead to denial of service. The manipulation can be initiated remotely. The exploit has been disclosed to the public...

7.5 CVSS · 7.2 AI score · 0.00166 EPSS
Exploits 1 · References 10
NVD
added 2023/12/31 2:15 p.m. · 10 views

CVE-2023-7187

A vulnerability was found in Totolink N350RT 9.3.5u.6139B20201216. It has been rated as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. Th...

8.8 CVSS · 0.00046 EPSS
Exploits 1 · References 3
Prion
added 2023/12/31 2:15 p.m. · 21 views

Stack overflow

A vulnerability was found in Totolink N350RT 9.3.5u.6139B20201216. It has been rated as critical. This issue affects some unknown processing of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. Th...

5.2 CVSS · 7.2 AI score · 0.00046 EPSS
Exploits 1 · References 3 · Affected Software 1
CVE
added 2023/12/31 2:00 p.m. · 48 views

CVE-2023-7187

The CVE-2023-7187 entry affects Totolink N350RT (v9.3.5u.6139_B20201216) where the HTTP POST Request Handler at /cgi-bin/cstecgi.cgi?action=login&flag=ie8 can trigger a stack-based buffer overflow in a vulnerable component. Publicly disclosed exploit and advisories indicate high severity with pot...

8.8 CVSS · 7.2 AI score · 0.00046 EPSS
Exploits 1 · References 3 · Affected Software 1
NVD
added 2023/12/30 5:15 p.m. · 10 views

CVE-2023-7179

A vulnerability, which was classified as critical, was found in Campcodes Online College Library System 1.0. Affected is an unknown function of the file /admin/categoryrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is possible to...

8.8 CVSS · 0.00048 EPSS
Exploits 1 · References 3
NVD
added 2023/12/30 5:15 p.m. · 9 views

CVE-2023-7178

A vulnerability, which was classified as critical, has been found in Campcodes Online College Library System 1.0. This issue affects some unknown processing of the file /admin/bookrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The...

7.2 CVSS · 0.00042 EPSS
Exploits 1 · References 3
Prion
added 2023/12/30 5:15 p.m. · 17 views

SQL injection

A vulnerability, which was classified as critical, was found in Campcodes Online College Library System 1.0. Affected is an unknown function of the file /admin/categoryrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is possible to...

5.8 CVSS · 7.7 AI score · 0.00048 EPSS
Exploits 1 · References 3 · Affected Software 1
Prion
added 2023/12/30 5:15 p.m. · 14 views

SQL injection

A vulnerability, which was classified as critical, has been found in Campcodes Online College Library System 1.0. This issue affects some unknown processing of the file /admin/bookrow.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The...

5.8 CVSS · 7.7 AI score · 0.00042 EPSS
Exploits 1 · References 3 · Affected Software 1