5 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-19479
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-setcos.c has an incorrect read operation during parsing of a SETC...
CVE-2025-1614
CVE-2025-1614 affects FiberHome AN5506-01A ONU GPON RP2511, specifically the Port Forwarding Submenu’s /goform/portForwardingCfg.x file and pf_Description parameter, where cross-site scripting is triggered. The vulnerability is reported as exploitable remotely; multiple sources note that the expl...
CVE-2024-3685
A vulnerability, which was classified as critical, was found in DedeCMS 5.7.112-UTF8. Affected is an unknown function of the file stepselectmain.php. The manipulation of the argument ids leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
CVE-2024-2997
CVE-2024-2997 affects the Bdtask Multi-Store Inventory Management System (up to 20240320). The vulnerability is a cross-site scripting flaw triggered by manipulating the arguments Category Name, Model Name, Brand Name, or Unit Name, allowing remote exploitation and arbitrary script execution with...
[Full-disclosure] What's Up Professional Spoofing Authentication Bypass
What's Up Professional 2006 is vulnerable to a spoofing attack whereby the attacker can trick the application into thinking he/she is making a request from the console which is considered trusted. This attack will allow the attacker to bypass the authentication mechanism of the application and...