Lucene search
K

2429 matches found

Cvelist
Cvelist
added 2024/08/07 12:0 a.m.18 views

CVE-2024-41241

A Reflected Cross Site Scripting XSS vulnerability was found in " /smsa/adminlogin.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary code via "error" parameter...

0.00434EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/07 12:0 a.m.4 views

Kashipara Responsive School Management System 安全漏洞

Kashipara Responsive School Management System is a school management system from Kashipara. A security vulnerability exists in Kashipara Responsive School Management System version v3.2.0, which stems from an incorrect access control vulnerability contained in the /smsa/viewstudents.php file...

5.3CVSS6.7AI score0.00485EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/08/04 11:31 p.m.9 views

CVE-2024-7461 ForIP Tecnologia Administração PABX monitcallcenter authMonitCallcenter sql injection

A vulnerability was found in ForIP Tecnologia Administração PABX 1.x. It has been rated as critical. Affected by this issue is some unknown functionality of the file /authMonitCallcenter of the component monitcallcenter. The manipulation of the argument user leads to sql injection. The attack may...

7.3CVSS7.2AI score0.00546EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/08/02 6:41 a.m.24 views

CVE-2024-3238 WordPress Menu Plugin — Superfly Responsive Menu <= 5.0.29 - Cross-Site Request Forgery to Arbitrary File Deletion

The WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.29. This is due to missing or incorrect nonce validation on the ajaxhandledeleteicons function. This makes it possible for unauthenticate...

8.8CVSS8.4AI score0.00382EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/02 6:41 a.m.15 views

CVE-2024-3238 WordPress Menu Plugin — Superfly Responsive Menu <= 5.0.29 - Cross-Site Request Forgery to Arbitrary File Deletion

The WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 5.0.29. This is due to missing or incorrect nonce validation on the ajaxhandledeleteicons function. This makes it possible for unauthenticate...

8.8CVSS0.00382EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/08/02 12:0 a.m.5 views

PT-2024-24541 · WordPress · Superfly Responsive Menu

Name of the Vulnerable Software and Affected Versions: WordPress Menu Plugin — Superfly Responsive Menu plugin for WordPress versions up to and including 5.0.29 Description: The issue is related to Cross-Site Request Forgery CSRF due to missing or incorrect nonce validation on the ajax handle...

8.8CVSS7.3AI score0.00382EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/08/02 12:0 a.m.5 views

WordPress plugin Superfly Responsive Menu 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS6.4AI score0.00382EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/01 1:31 a.m.12 views

CVE-2024-7334 TOTOLINK EX1200L cstecgi.cgi UploadCustomModule buffer overflow

A vulnerability was found in TOTOLINK EX1200L 9.3.5u.6146B20201023. It has been rated as critical. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed t...

9CVSS6.9AI score0.01192EPSS
Exploits1References4
CVE
CVE
added 2024/07/30 11:21 a.m.41 views

CVE-2024-7127

CVE-2024-7127 describes an XSS flaw in Stackposts Social Marketing Tool caused by improper neutralization of input during web page generation. Submitting a payload in the username at registration can be executed later in the application panel, potentially leading to unauthorized disclosure of inf...

7.2CVSS5.6AI score0.00361EPSS
Exploits0References4Affected Software1
Patchstack
Patchstack
added 2024/07/30 6:39 a.m.4 views

WordPress Responsive Tabs plugin <= 4.0.8 - Contributor+ Stored XSS vulnerability

Contributor+ Stored XSS vulnerability discovered by Krugov Aryom in WordPress Plugin Responsive Tabs versions = 4.0.8...

5.9CVSS6.1AI score0.00406EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/07/30 6:15 a.m.5 views

CVE-2024-4096

The Responsive Tabs WordPress plugin through 4.0.8 does not sanitise and escape some of its Tab settings, which could allow high privilege users such as Contributors and above to perform Stored Cross-Site Scripting attacks...

5.9CVSS5.8AI score0.00406EPSS
Exploits1References1
NVD
NVD
added 2024/07/30 6:15 a.m.23 views

CVE-2024-4096

The Responsive Tabs WordPress plugin through 4.0.8 does not sanitise and escape some of its Tab settings, which could allow high privilege users such as Contributors and above to perform Stored Cross-Site Scripting attacks...

5.9CVSS0.00406EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/07/30 6:0 a.m.11 views

CVE-2024-4096 Responsive Tabs <= 4.0.8 - Contributor+ Stored XSS

The Responsive Tabs WordPress plugin through 4.0.8 does not sanitise and escape some of its Tab settings, which could allow high privilege users such as Contributors and above to perform Stored Cross-Site Scripting attacks...

5.8AI score0.00406EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/30 6:0 a.m.23 views

CVE-2024-4096 Responsive Tabs <= 4.0.8 - Contributor+ Stored XSS

The Responsive Tabs WordPress plugin through 4.0.8 does not sanitise and escape some of its Tab settings, which could allow high privilege users such as Contributors and above to perform Stored Cross-Site Scripting attacks...

0.00406EPSS
Exploits1References1
NVD
NVD
added 2024/07/30 2:15 a.m.23 views

CVE-2024-7212

A vulnerability, which was classified as critical, has been found in TOTOLINK A7000R 9.1.0u.6268B20220504. This issue affects the function loginauth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. The attack may be initiated remotely. The...

9CVSS0.01019EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/07/30 12:0 a.m.2 views

WordPress plugin Responsive Tabs 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.9CVSS6.7AI score0.00406EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/07/30 12:0 a.m.5 views

PT-2024-29175 · WordPress · Responsive Tabs

Name of the Vulnerable Software and Affected Versions: Responsive Tabs WordPress plugin versions 4.0.8 and earlier Description: The issue allows high privilege users, such as Contributors and above, to perform Stored Cross-Site Scripting attacks due to the plugin not sanitizing and escaping some ...

5.9CVSS5.4AI score0.00406EPSS
Exploits1References6
Patchstack
Patchstack
added 2024/07/30 12:0 a.m.11 views

WordPress Responsive Tabs Plugin <= 4.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Tabs Type Plugin Vulnerable versions = 4.0.8 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4096 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d75c9df585a3 Credits Krugov Aryom Required...

5.9CVSS5.8AI score0.00406EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/07/29 5:15 a.m.1 views

CVE-2024-7184

A vulnerability has been found in TOTOLINK A3600R 4.1.2cu.5182B20201102 and classified as critical. Affected by this vulnerability is the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument url leads to buffer overflow. The attack can be launched remotely...

8.8CVSS7.6AI score0.01091EPSS
Exploits1References4
CVE
CVE
added 2024/07/29 2:31 a.m.58 views

CVE-2024-7179

CVE-2024-7179 affects TOTOLINK A3600R 4.1.2cu.5182_B20201102. The issue lies in the function setParentalRules within /cgi-bin/cstecgi.cgi , where manipulation of the arguments startTime/endTime enables a buffer overflow . The vulnerability can be exploited remotely over the network; exploitation ...

9CVSS8.8AI score0.01091EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder