CVE-2024-7172 TOTOLINK A3600R getSaveConfig buffer overflow
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182B20201102. Affected by this vulnerability is the function getSaveConfig of the file /cgi-bin/cstecgi.cgi?action=save&setting. The manipulation of the argument httphost leads to buffer overflow. The attack can be...
CVE-2024-7157
TOTOLINK A3100R (v4.1.2cu.5050_B20200504) is affected by a buffer overflow in the getSaveConfig function of /cgi-bin/cstecgi.cgi?action=save&setting, caused by improper handling of the http_host argument. The vulnerability allows remote code execution or crashes and is publicly disclosed. Multipl...
CVE-2024-7115
A vulnerability was found in MD-MAFUJUL-HASAN Online-Payroll-Management-System up to 20230911. It has been declared as critical. This vulnerability affects unknown code of the file /designationviewmore.php. The manipulation of the argument id leads to sql injection. The attack can be initiated...
CVE-2024-37215
CVE-2024-37215 is a Stored XSS in Transition Slider – Responsive Image Slider and Gallery (WordPress plugin) up to version 2.20.3. Root cause: improper neutralization of input during web page generation. Affected: Transition Slider – Responsive Image Slider and Gallery (versions n/a through 2.20....
CVE-2024-6965
Tenda O3 (firmware 1.0.0.10) contains a stack-based buffer overflow in the fromVirtualSet function triggered by manipulating ip/localPort/publicPort/app. This allows remote exploitation and has been disclosed publicly. The CVE-2024-6965 vulnerability is rated High/critical by multiple sources (CV...
CVE-2024-6943
CVE-2024-6943 affects ZhongBangKeJi CRMEB up to version 5.4.0. The vulnerability is in the function downloadImage of app/services/product/product/CopyTaobaoServices.php, where input handling leads to deserialization. It can be exploited remotely and the exploit has been disclosed publicly. Multip...
CVE-2024-6940
CVE-2024-6940 refers to a code-injection vulnerability in DedeCMS 5.7.114, affecting the file article_template_rand.php. The issue allows remote code execution via crafted input; exploitation has been publicly disclosed and observed in multiple sources. The available documents confirm the vulnera...
CVE-2024-37954
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS. This issue affects Simple Responsive Slider: from n/a through 0.2.2.5...
CVE-2024-37949 WordPress Responsive Mobile theme <= 1.15.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CyberChimps Responsive Mobile allows Stored XSS. This issue affects Responsive Mobile: from n/a through 1.15.1...
CVE-2024-37954 WordPress Simple Responsive Slider plugin <= 0.2.2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in marcelotorres Simple Responsive Slider allows Reflected XSS. This issue affects Simple Responsive Slider: from n/a through 0.2.2.5...
CVE-2024-37954
CVE-2024-37954 is a reflected XSS in the WordPress plugin Simple Responsive Slider by Marcelotorres. Root cause: improper input neutralization during web page generation. Affected: Simple Responsive Slider for WordPress, from n/a through 0.2.2.5. The connected documents do not provide a confirmed...
PT-2024-27853 · Cyberchimps · Cyberchimps Responsive Mobile
Name of the Vulnerable Software and Affected Versions: CyberChimps Responsive Mobile versions 1.15.1 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks...
PT-2024-27859 · Unknown · Simple Responsive Slider
Name of the Vulnerable Software and Affected Versions: Simple Responsive Slider versions 0.2.2.5 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Reflected XSS. Recommendations: Fo...
WordPress Simple Responsive Slider plugin <= 0.2.2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by Dimas Maulana (Patchstack Alliance) in WordPress Plugin Simple Responsive Slider (versions <= 0.2.2.5)...
WordPress Responsive Mobile theme <=1.15.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by stealthcopter (Patchstack Alliance) in WordPress Theme Responsive Mobile (versions <= 1.15.1)...
WordPress Responsive Mobile Theme <=1.15.1 is vulnerable to Cross Site Scripting (XSS)
Software: Responsive Mobile; Type: Theme; Vulnerable versions: <=1.15.1; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-37949; Patch priority: Low; CVSS severity: Low 6.5; PSID: c54227e96d86; Credits: stealthcopter; Required privilege...
WordPress Simple Responsive Slider Plugin <= 0.2.2.5 is vulnerable to Cross Site Scripting (XSS)
Software: Simple Responsive Slider; Type: Plugin; Vulnerable versions: <= 0.2.2.5; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-37954; Patch priority: Medium; CVSS severity: Medium 7.1; PSID: fa786425d28d; Credits: Dimas Maulana; Required...
CVE-2024-37542
Missing Authorization vulnerability in WpDevArt Responsive Image Gallery, Gallery Album. This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3...
WordPress Gallery – Image and Video Gallery with Thumbnails plugin <= 2.0.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by LVT-tholv2k (Patchstack Alliance) in WordPress Plugin Responsive Image Gallery, Gallery Album (versions <= 2.0.3)...