Lucene search
K

350 matches found

Positive Technologies
Positive Technologies
added 2024/09/16 12:0 a.m.7 views

PT-2024-31993 · Totolink · Totolink Ac1200 T8

Name of the Vulnerable Software and Affected Versions: TOTOLINK AC1200 T8 version 4.1.5cu.861 B20230220 Description: The issue is a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter. This vulnerability can be exploited, but details about the estimated number of...

9.8CVSS7.5AI score0.01247EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/09/07 12:0 a.m.5 views

PT-2024-39096 · Sourcecodester · Sourcecodester Online Food Menu

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Food Menu version 1.0 Description: A critical issue has been found in the processing of the file /endpoint/delete-menu.php. The manipulation of the argument menu leads to SQL injection. The attack may be initiated...

7.2CVSS5.8AI score0.00412EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/08/27 12:0 a.m.5 views

PT-2024-30184 · Exiftags +1 · Exiftags +1

Name of the Vulnerable Software and Affected Versions: exiftags version 1.01 Description: A Buffer Overflow vulnerability in exiftags allows a local attacker to execute arbitrary code via the paresetag function. This issue enables local code execution. Recommendations: For exiftags version 1.01, ...

8.4CVSS7.5AI score0.00285EPSS
Exploits1References19
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.4 views

PT-2024-30160 · Unknown · Kashipara Music Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Music Management System version 1.0 Description: A Stored Cross Site Scripting XSS issue was found in the "/music/ajax.php?action=save music" endpoint, allowing remote attackers to execute arbitrary code via the title and artist...

6.1CVSS6.6AI score0.00492EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.4 views

PT-2024-31172 · Tenda · Tenda Ax1806

Name of the Vulnerable Software and Affected Versions: Tenda AX1806 version 1.0.0.1 Description: The issue is a stack overflow that can occur via the iptv.stb.port parameter in the formGetIptv function. This poses a risk of remote code execution. Recommendations: For Tenda AX1806 version 1.0.0.1,...

9.8CVSS8.2AI score0.00377EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/08/24 12:0 a.m.6 views

PT-2024-38827 · Code Projects · Code-Projects Pharmacy Management System

Name of the Vulnerable Software and Affected Versions: code-projects Pharmacy Management System version 1.0 Description: A critical vulnerability was found in the code-projects Pharmacy Management System. The issue affects the function editManager of the file /index.php?action=editManager of the...

9.8CVSS8.1AI score0.0058EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.4 views

PT-2024-30138 · Unknown · Kashipara Hotel Management System

Name of the Vulnerable Software and Affected Versions: Kashipara Hotel Management System version 1.0 Description: A Cross-Site Request Forgery CSRF issue was found in the system via the "/admin/delete room.php" API endpoint. This allows an attacker to perform unauthorized actions on the system...

6.8CVSS6.8AI score0.00173EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.6 views

PT-2024-38754 · Genexis · Genexis Tilgin Home Gateway

Name of the Vulnerable Software and Affected Versions: Genexis Tilgin Home Gateway version 322 AS0500-03 05 13 05 Description: This issue affects some unknown processing of the file "/vood/cgi-bin/vood view.cgi?lang=EN&act=user/spec...

5.3CVSS4.1AI score0.00338EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.7 views

PT-2024-30174 · Trendnet · Trendnet Tew-752Dru

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-752DRU version 1.03B01 Description: The issue is due to a lack of length verification for the service field in gena.cgi, leading to a buffer overflow. This can cause the remote target device to crash or allow attackers to execute...

9.8CVSS8AI score0.00698EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/08/09 12:0 a.m.8 views

PT-2024-7539 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 Description: A critical vulnerability has been found in the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to a stack-based buffer overflow. This issue can be...

9CVSS9AI score0.01096EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2024/08/09 12:0 a.m.5 views

PT-2024-7882 · D Link · D-Link Di-8003

Name of the Vulnerable Software and Affected Versions: D-Link DI-8003 version 16.07.16A1 Description: A critical issue has been found in the upgrade filter asp function of the /upgrade filter.asp file. The manipulation of the path argument leads to a stack-based buffer overflow. This issue can be...

9.8CVSS7.2AI score0.01175EPSS
Exploits1References18
Positive Technologies
Positive Technologies
added 2024/08/06 12:0 a.m.4 views

PT-2024-6460 · D Link · D-Link Di 8004W

Name of the Vulnerable Software and Affected Versions: D-Link DI 8004W version 16.07.26A1 Description: The issue is related to a command execution vulnerability in the msp info htm function of the jhttpd module. This vulnerability may allow a remote attacker to execute arbitrary commands. The...

9.8CVSS7.9AI score0.01378EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2024/07/30 12:0 a.m.14 views

PT-2024-5666 · Tenda · Tenda I22

Name of the Vulnerable Software and Affected Versions: Tenda i22 version 1.0.0.34687 Description: A critical issue was found in the formApPortalPhoneAuth function of the /goform/apPortalPhoneAuth file. The manipulation of the data argument leads to a buffer overflow. This can be exploited remotel...

9.8CVSS8.8AI score0.01261EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/07/29 12:0 a.m.2 views

PT-2024-38144 · Totolink · Totolink A3600R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue has been found in the setUpgradeFW function of the /cgi-bin/cstecgi.cgi file. The manipulation of the FileName argument leads to buffer overflow. The attack may be...

9CVSS8.8AI score0.01091EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/07/23 12:0 a.m.4 views

PT-2024-5386 · Totolink · Totolink Cp900L

Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900 version 6.3c.566 Description: A critical issue has been found in the Telnet Service component, specifically affecting the setTelnetCfg function. The manipulation of the telnet enabled argument leads to command injection. This...

9.8CVSS7.6AI score0.19907EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/07/23 12:0 a.m.11 views

PT-2024-5477 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version 9.3.5u.6146 B20201023 Description: The issue is caused by a buffer overflow on the stack when processing the http host parameter in the loginauth function of the /cgi-bin/cstecgi.cgi file. This can be exploited by a...

9CVSS8.9AI score0.01203EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2024/07/18 12:0 a.m.4 views

PT-2024-5332 · Argo Cd · Argo Cd

Name of the Vulnerable Software and Affected Versions: Argo CD versions 2.6.0 through 2.11.6 Argo CD versions 2.7.0 through 2.10.15 Argo CD versions 2.8.0 through 2.9.20 Description: The issue is related to the Argo CD web terminal, which allows users to get a shell inside a running pod. When the...

6.5CVSS6.8AI score0.00685EPSS
Exploits1References17
Positive Technologies
Positive Technologies
added 2024/07/06 12:0 a.m.7 views

PT-2024-27643 · Unknown · Image Hover Effects - Caption Hover With Carousel

Name of the Vulnerable Software and Affected Versions: Image Hover Effects - Caption Hover with Carousel versions 3.0.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS...

6.5CVSS5.8AI score0.00237EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2024/07/05 12:0 a.m.7 views

PT-2024-29211

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.43 Description The issue is related to the ksmbd component in the Linux kernel, where the may open function does not allow a directory to be opened with write access. However, some writing flags set by the...

5.5CVSS5.4AI score0.00288EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/07/05 12:0 a.m.8 views

PT-2024-28329 · Idccms · Idccms

Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The vulnerability can be exploited via the "/admin/idcProData deal.php" endpoint, specifically when the mudi parameter is set to "del". This...

5.4CVSS6.7AI score0.00195EPSS
Exploits1References6
Rows per page
Query Builder