
2429 matches found

NVD
added 2024/08/18 5:15 p.m. | 25 views

CVE-2024-7908

A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L 9.3.5u.6146B20201023. Affected is the function setDefResponse of the file /www/cgi-bin/cstecgi.cgi. The manipulation of the argument IpAddress leads to stack-based buffer overflow. It is possible to launch the attack...

CVSS 9.8 | EPSS 0.01475
Exploits: 1 | References: 4

Vulnrichment
added 2024/08/18 4:0 p.m. | 16 views

CVE-2024-7907 TOTOLINK X6000R cstecgi.cgi setSyslogCfg command injection

A vulnerability, which was classified as critical, has been found in TOTOLINK X6000R 9.4.0cu.852_20230719. This issue affects the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument rtLogServer leads to command injection. The attack may be initiated remotely. T...

CVSS 6.5 | AI score 7.6 | EPSS 0.06239
Exploits: 1 | References: 4

CVE
added 2024/08/18 4:0 p.m. | 62 views

CVE-2024-7907

TOTOLINK X6000R (version 9.4.0cu.852_20230719) is affected by a command-injection vulnerability in the setSyslogCfg function of /cgi-bin/cstecgi.cgi, triggered by manipulating the rtLogServer parameter. The issue is remote-executable, with exploits publicly disclosed and vendor unresponsive. Affe...

CVSS 9.8 | AI score 7.1 | EPSS 0.06239
Exploits: 1 | References: 4 | Affected Software: 1

NVD
added 2024/08/18 2:15 p.m. | 25 views

CVE-2024-43335

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS. This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8...

CVSS 6.5 | EPSS 0.0024
Exploits: 0 | References: 1

OSV
added 2024/08/18 2:15 p.m. | 4 views

CVE-2024-43335

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS. This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8...

CVSS 5.4 | AI score 5.8 | EPSS 0.0024
Exploits: 0 | References: 1

Cvelist
added 2024/08/18 1:39 p.m. | 23 views

CVE-2024-43335 WordPress Responsive Blocks – WordPress Gutenberg Blocks plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS. This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8...

CVSS 6.5 | EPSS 0.0024
Exploits: 0 | References: 1

Vulnrichment
added 2024/08/18 1:39 p.m. | 11 views

CVE-2024-43335 WordPress Responsive Blocks – WordPress Gutenberg Blocks plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CyberChimps Responsive Blocks – WordPress Gutenberg Blocks allows Stored XSS. This issue affects Responsive Blocks – WordPress Gutenberg Blocks: from n/a through 1.8.8...

CVSS 6.5 | AI score 7 | EPSS 0.0024
Exploits: 0 | References: 1

CNNVD
added 2024/08/18 12:0 a.m. | 2 views

WordPress plugin Responsive Blocks – WordPress Gutenberg Blocks security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress plugin Responsive...

CVSS 6.5 | AI score 6 | EPSS 0.0024
Exploits: 0 | References: 2

Positive Technologies
added 2024/08/18 12:0 a.m. | 4 views

PT-2024-30501 · WordPress · Cyberchimps Responsive Blocks

Name of the Vulnerable Software and Affected Versions: CyberChimps Responsive Blocks – WordPress Gutenberg Blocks versions 1.8.8 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for...

CVSS 6.5 | AI score 5.6 | EPSS 0.0024
Exploits: 0 | References: 10

NVD
added 2024/08/17 8:15 p.m. | 8 views

CVE-2024-7900

A vulnerability, which was classified as problematic, was found in xiaohe4966 TpMeCMS 1.3.3.2. Affected is an unknown function of the file /h.php/general/config?ref=addtabs of the component Basic Configuration Handler. The manipulation of the argument Site Name/Beian/Contact...

CVSS 5.1 | EPSS 0.00502
Exploits: 1 | References: 5

NVD
added 2024/08/17 2:15 p.m. | 12 views

CVE-2024-7896

A vulnerability was found in Tosei Online Store Management System ネット店舗管理システム 4.02/4.03/4.04. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cgi-bin/p1ftpserver.php. The manipulation of the argument adrtxt leads to command injection. The attack ma...

CVSS 8.8 | EPSS 0.0225
Exploits: 0 | References: 4

Patchstack
added 2024/08/16 1:34 p.m. | 5 views

WordPress Responsive Blocks – WordPress Gutenberg Blocks plugin <= 1.8.8 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 4rCanJ0x! Patchstack Alliance in WordPress Plugin Responsive Blocks versions <= 1.8.8...

CVSS 6.5 | AI score 6.1 | EPSS 0.0024
Exploits: 0 | Affected Software: 1

Patchstack
added 2024/08/16 12:0 a.m. | 15 views

WordPress Responsive Blocks Plugin <= 1.8.8 is vulnerable to Cross Site Scripting (XSS)

Software: Responsive Blocks | Type: Plugin | Vulnerable versions: <= 1.8.8 | Fixed in: 1.8.9 | OWASP Top 10: A3: Injection | Classification: Cross Site Scripting XSS | CVE: CVE-2024-43335 | Patch priority: Low | CVSS severity: Low 6.5 | PSID: deeb36a6e784 | Credits: 4rCanJ0x! | Required privilege...

CVSS 6.5 | AI score 6.6 | EPSS 0.0024
Exploits: 0 | References: 2 | Affected Software: 1

Vulnrichment
added 2024/08/13 9:0 p.m. | 17 views

CVE-2024-7742 wanglongcn ltcms API Endpoint multiDownload server-side request forgery

A vulnerability was found in wanglongcn ltcms 1.0.20. It has been classified as critical. Affected is the function multiDownload of the file /api/file/multiDownload of the component API Endpoint. The manipulation of the argument file leads to server-side request forgery. It is possible to launch...

CVSS 7.5 | AI score 7.2 | EPSS 0.00824
Exploits: 1 | References: 4

Cvelist
added 2024/08/12 10:31 p.m. | 30 views

CVE-2024-7706 Fujian mwcms uploadfile.html uploadimage unrestricted upload

A vulnerability was found in Fujian mwcms 1.0.0. It has been rated as critical. Affected by this issue is the function uploadimage of the file /uploadfile.html. The manipulation of the argument upfile leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclose...

CVSS 5.8 | EPSS 0.00413
Exploits: 1 | References: 4

Cvelist
added 2024/08/12 10:31 p.m. | 19 views

CVE-2024-7705 Fujian mwcms Image Upload uploadeditor.html uploadeditor unrestricted upload

A vulnerability was found in Fujian mwcms 1.0.0. It has been declared as critical. Affected by this vulnerability is the function uploadeditor of the file /uploadeditor.html?action=uploadimage of the component Image Upload. The manipulation of the argument upfile leads to unrestricted upload. The...

CVSS 5.8 | EPSS 0.00346
Exploits: 0 | References: 4

NVD
added 2024/08/12 9:15 p.m. | 26 views

CVE-2024-7704

A vulnerability was found in Weaver e-cology 8. It has been classified as problematic. Affected is an unknown function of the file /cloudstore/ecode/setup/ecologydev.zip of the component Source Code Handler. The manipulation leads to information disclosure. It is possible to launch the attack...

CVSS 7.5 | EPSS 0.00778
Exploits: 1 | References: 4

NVD
added 2024/08/12 1:38 p.m. | 28 views

CVE-2024-7615

A vulnerability was found in Tenda FH1206 1.2.0.8. It has been declared as critical. Affected by this vulnerability is the function fromSafeClientFilter/fromSafeMacFilter/fromSafeUrlFilter. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has...

CVSS 9.8 | EPSS 0.01467
Exploits: 1 | References: 4

CVE
added 2024/08/08 11:0 p.m. | 63 views

CVE-2024-7616

Edimax IC-6220DC and IC-5150W (firmware ≤ 3.06) expose a command-injection vulnerability in the ipcam_cgi module, specifically via the cgiFormString function manipulating the host argument. Exploitation could yield unauthorized commands on affected devices. Remediation from the connected sources:...

CVSS 9.8 | AI score 5.9 | EPSS 0.0472
Exploits: 0 | References: 5 | Affected Software: 1

NVD
added 2024/08/07 7:15 p.m. | 18 views

CVE-2024-41239

A Stored Cross Site Scripting XSS vulnerability was found in "/smsa/addclasssubmit.php" in Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "classname" parameter field...

CVSS 5.9 | EPSS 0.00483
Exploits: 1 | References: 2