2429 matches found

Vulnrichment
added 2024/07/28 11:0 p.m. · 9 views

CVE-2024-7172 TOTOLINK A3600R getSaveConfig buffer overflow

A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182B20201102. Affected by this vulnerability is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument httphost leads to buffer overflow. The attack can be...

CVSS 9 · AI score 7 · EPSS 0.01091
Exploits 1 · References 4

CVE
added 2024/07/28 11:0 a.m. · 56 views

CVE-2024-7157

TOTOLINK A3100R (v4.1.2cu.5050_B20200504) is affected by a buffer overflow in the getSaveConfig function of /cgi-bin/cstecgi.cgi?action=save&setting, caused by improper handling of the http_host argument. The vulnerability allows remote code execution or crashes and is publicly disclosed. Multipl...

CVSS 9 · AI score 8.9 · EPSS 0.07368
Exploits 1 · References 4 · Affected Software 1

NVD
added 2024/07/26 2:15 a.m. · 19 views

CVE-2024-7115

A vulnerability was found in MD-MAFUJUL-HASAN Online-Payroll-Management-System up to 20230911. It has been declared as critical. This vulnerability affects unknown code of the file /designationviewmore.php. The manipulation of the argument id leads to sql injection. The attack can be initiated...

CVSS 8.8 · EPSS 0.00542
Exploits 1 · References 4

CVE
added 2024/07/22 9:28 a.m. · 51 views

CVE-2024-37215

CVE-2024-37215 is a Stored XSS in Transition Slider – Responsive Image Slider and Gallery (WordPress plugin) up to version 2.20.3. Root cause: improper neutralization of input during web page generation. Affected: Transition Slider – Responsive Image Slider and Gallery (versions n/a through 2.20....

CVSS 5.9 · AI score 5.8 · EPSS 0.00259
Exploits 0 · References 1 · Affected Software 1

CVE
added 2024/07/22 1:31 a.m. · 61 views

CVE-2024-6965

Tenda O3 (firmware 1.0.0.10) contains a stack-based buffer overflow in the fromVirtualSet function triggered by manipulating ip/localPort/publicPort/app. This allows remote exploitation and has been disclosed publicly. The CVE-2024-6965 vulnerability is rated High/critical by multiple sources (CV...

CVSS 9 · AI score 8.9 · EPSS 0.0127
Exploits 1 · References 4 · Affected Software 1

CVE
added 2024/07/21 7:0 a.m. · 46 views

CVE-2024-6943

CVE-2024-6943 affects ZhongBangKeJi CRMEB up to version 5.4.0. The vulnerability is in the function downloadImage of app/services/product/product/CopyTaobaoServices.php, where input handling leads to deserialization. It can be exploited remotely and the exploit has been disclosed publicly. Multip...

CVSS 8.8 · AI score 6.4 · EPSS 0.00607
Exploits 0 · References 4 · Affected Software 1

CVE
added 2024/07/21 5:31 a.m. · 60 views

CVE-2024-6940

CVE-2024-6940 refers to a code-injection vulnerability in DedeCMS 5.7.114, affecting the file article_template_rand.php. The issue allows remote code execution via crafted input; exploitation has been publicly disclosed and observed in multiple sources. The available documents confirm the vulnera...

CVSS 7.2 · AI score 5.3 · EPSS 0.00667
Exploits 1 · References 4 · Affected Software 1

OSV
added 2024/07/20 9:15 a.m. · 4 views

CVE-2024-37954

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS. This issue affects Simple Responsive Slider: from n/a through 0.2.2.5...

CVSS 6.1 · AI score 5.8 · EPSS 0.00288
Exploits 0 · References 1

Vulnrichment
added 2024/07/20 8:26 a.m. · 10 views

CVE-2024-37949 WordPress Responsive Mobile theme <= 1.15.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CyberChimps Responsive Mobile allows Stored XSS. This issue affects Responsive Mobile: from n/a through 1.15.1...

CVSS 6.5 · AI score 6.8 · EPSS 0.0026
Exploits 0 · References 1

Cvelist
added 2024/07/20 8:26 a.m. · 16 views

CVE-2024-37949 WordPress Responsive Mobile theme <= 1.15.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CyberChimps Responsive Mobile allows Stored XSS. This issue affects Responsive Mobile: from n/a through 1.15.1...

CVSS 6.5 · EPSS 0.0026
Exploits 0 · References 1

Vulnrichment
added 2024/07/20 8:21 a.m. · 15 views

CVE-2024-37954 WordPress Simple Responsive Slider plugin <= 0.2.2.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS. This issue affects Simple Responsive Slider: from n/a through 0.2.2.5...

CVSS 7.1 · AI score 7 · EPSS 0.00288
Exploits 0 · References 1

CVE
added 2024/07/20 8:21 a.m. · 45 views

CVE-2024-37954

CVE-2024-37954 is a reflected XSS in the WordPress plugin Simple Responsive Slider by Marcelotorres. Root cause: improper input neutralization during web page generation. Affected: Simple Responsive Slider for WordPress, from n/a through 0.2.2.5. The connected documents do not provide a confirmed...

CVSS 7.1 · AI score 7 · EPSS 0.00288
Exploits 0 · References 1 · Affected Software 1

Positive Technologies
added 2024/07/20 12:0 a.m. · 6 views

PT-2024-27853 · Cyberchimps · Cyberchimps Responsive Mobile

Name of the Vulnerable Software and Affected Versions: CyberChimps Responsive Mobile versions 1.15.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...

CVSS 6.5 · AI score 5.4 · EPSS 0.0026
Exploits 0 · References 4

Positive Technologies
added 2024/07/20 12:0 a.m. · 4 views

PT-2024-27859 · Unknown · Simple Responsive Slider

Name of the Vulnerable Software and Affected Versions: Simple Responsive Slider versions 0.2.2.5 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS. Recommendations: Fo...

CVSS 7.1 · AI score 6.2 · EPSS 0.00288
Exploits 0 · References 5

Patchstack
added 2024/07/10 9:14 a.m. · 4 views

WordPress Simple Responsive Slider plugin <= 0.2.2.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Simple Responsive Slider versions <= 0.2.2.5...

CVSS 7.1 · AI score 6.1 · EPSS 0.00288
Exploits 0 · Affected Software 1

Patchstack
added 2024/07/10 8:57 a.m. · 4 views

WordPress Responsive Mobile theme <=1.15.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Theme Responsive Mobile versions <= 1.15.1...

CVSS 6.5 · AI score 6.1 · EPSS 0.0026
Exploits 0 · Affected Software 1

Patchstack
added 2024/07/10 12:0 a.m. · 8 views

WordPress Responsive Mobile Theme <=1.15.1 is vulnerable to Cross Site Scripting (XSS)

Software Responsive Mobile Type Theme Vulnerable versions =1.15.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37949 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c54227e96d86 Credits stealthcopter Required privilege...

CVSS 6.5 · AI score 6.6 · EPSS 0.0026
Exploits 0 · References 2 · Affected Software 1

Patchstack
added 2024/07/10 12:0 a.m. · 8 views

WordPress Simple Responsive Slider Plugin <= 0.2.2.5 is vulnerable to Cross Site Scripting (XSS)

Software Simple Responsive Slider Type Plugin Vulnerable versions = 0.2.2.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37954 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID fa786425d28d Credits Dimas Maulana Required...

CVSS 7.1 · AI score 6.6 · EPSS 0.00288
Exploits 0 · References 1 · Affected Software 1

OSV
added 2024/07/06 1:15 p.m. · 2 views

CVE-2024-37542

Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album. This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...

CVSS 6.3 · AI score 5.8 · EPSS 0.00246
Exploits 0 · References 1

Patchstack
added 2024/07/06 12:38 p.m. · 3 views

WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Responsive Image Gallery, Gallery Album versions <= 2.0.3...

CVSS 6.3 · AI score 7 · EPSS 0.00246
Exploits 0 · Affected Software 1