31 matches found
CVE-2024-32334
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in IP/Port Filtering under the Firewall Page...
CVE-2024-32327
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in Port Forwarding under the Firewall Page...
CVE-2024-32333
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in MAC Filtering under the Firewall Page...
CVE-2024-32335
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in Access Control under the Wireless Page...
CVE-2024-32334
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in IP/Port Filtering under the Firewall Page...
CVE-2024-32334
Summary: CVE-2024-32334 affects TOTOLINK N300RT, specifically version V2.1.8-B20201030.1539, with a stored XSS vulnerability in the IP/Port Filtering feature of the Firewall page. What is affected: TOTOLINK N300RT vulnerable component is the IP/Port Filtering section under the Firewall configurat...
PT-2024-24514 · Totolink · Totolink N300Rt
Name of the Vulnerable Software and Affected Versions: TOTOLINK N300RT version V2.1.8-B20201030.1539 Description: The issue is related to a Store Cross-site scripting XSS vulnerability. This vulnerability is located in Access Control under the Wireless Page, allowing potential exploitation...
CVE-2024-32333
TOTOLINK N300RT V2.1.8-B20201030.1539 is affected by a Store Cross-site Scripting (XSS) vulnerability in the MAC Filtering function of the Firewall Page. According to PT-2024-3097, the issue stems from lack of protection for the web page structure, allowing an attacker to perform XSS within the M...
CVE-2024-32327
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in Port Forwarding under the Firewall Page...
CVE-2024-32327
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in Port Forwarding under the Firewall Page...
CVE-2024-32333
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in MAC Filtering under the Firewall Page...
CVE-2024-32335
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in Access Control under the Wireless Page...
CVE-2024-32332
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in WDS Settings under the Wireless Page...
CVE-2024-32333
TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting XSS vulnerability in MAC Filtering under the Firewall Page...
CVE-2024-32332
TOTOLINK N300RT with firmware V2.1.8-B20201030.1539 contains a store XSS vulnerability in WDS Settings on the Wireless page (CVE-2024-32332). Public descriptions across NVD/Red Hat/CNNVD/CVE listings confirm the vulnerable component and location. No inline exploit details or patch/version fixes a...
CVE-2024-32035
ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in image decoders. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit...
CVE-2024-32035 Memory Allocation with Excessive Size Value in SixLabors.ImageSharp
ImageSharp is a 2D graphics API. A vulnerability discovered in the ImageSharp library, where the processing of specially crafted files can lead to excessive memory usage in image decoders. The vulnerability is triggered when ImageSharp attempts to process image files that are designed to exploit...
CVE-2023-49444
An arbitrary file upload vulnerability in DoraCMS v2.1.8 allow attackers to execute arbitrary code via uploading a crafted HTML or image file to the user avatar...
CVE-2023-49443
DoraCMS v2.1.8 was discovered to re-use the same code for verification of valid usernames and passwords. This vulnerability allows attackers to gain access to the application via a bruteforce attack...
Privilege escalation
An arbitrary file upload vulnerability in DoraCMS v2.1.8 allow attackers to execute arbitrary code via uploading a crafted HTML or image file to the user avatar...