350 matches found
PT-2024-31993 · Totolink · Totolink Ac1200 T8
Name of the Vulnerable Software and Affected Versions: TOTOLINK AC1200 T8 version 4.1.5cu.861 B20230220 Description: The issue is a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter. This vulnerability can be exploited, but details about the estimated number of...
PT-2024-39096 · Sourcecodester · Sourcecodester Online Food Menu
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Food Menu version 1.0 Description: A critical issue has been found in the processing of the file /endpoint/delete-menu.php. The manipulation of the argument menu leads to SQL injection. The attack may be initiated...
PT-2024-30184 · Exiftags +1 · Exiftags +1
Name of the Vulnerable Software and Affected Versions: exiftags version 1.01 Description: A Buffer Overflow vulnerability in exiftags allows a local attacker to execute arbitrary code via the paresetag function. This issue enables local code execution. Recommendations: For exiftags version 1.01, ...
PT-2024-30160 · Unknown · Kashipara Music Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Music Management System version 1.0 Description: A Stored Cross Site Scripting XSS issue was found in the "/music/ajax.php?action=save music" endpoint, allowing remote attackers to execute arbitrary code via the title and artist...
PT-2024-31172 · Tenda · Tenda Ax1806
Name of the Vulnerable Software and Affected Versions: Tenda AX1806 version 1.0.0.1 Description: The issue is a stack overflow that can occur via the iptv.stb.port parameter in the formGetIptv function. This poses a risk of remote code execution. Recommendations: For Tenda AX1806 version 1.0.0.1,...
PT-2024-38827 · Code Projects · Code-Projects Pharmacy Management System
Name of the Vulnerable Software and Affected Versions: code-projects Pharmacy Management System version 1.0 Description: A critical vulnerability was found in the code-projects Pharmacy Management System. The issue affects the function editManager of the file /index.php?action=editManager of the...
PT-2024-30138 · Unknown · Kashipara Hotel Management System
Name of the Vulnerable Software and Affected Versions: Kashipara Hotel Management System version 1.0 Description: A Cross-Site Request Forgery CSRF issue was found in the system via the "/admin/delete room.php" API endpoint. This allows an attacker to perform unauthorized actions on the system...
PT-2024-38754 · Genexis · Genexis Tilgin Home Gateway
Name of the Vulnerable Software and Affected Versions: Genexis Tilgin Home Gateway version 322 AS0500-03 05 13 05 Description: This issue affects some unknown processing of the file "/vood/cgi-bin/vood view.cgi?lang=EN&act=user/spec...
PT-2024-30174 · Trendnet · Trendnet Tew-752Dru
Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-752DRU version 1.03B01 Description: The issue is due to a lack of length verification for the service field in gena.cgi, leading to a buffer overflow. This can cause the remote target device to crash or allow attackers to execute...
PT-2024-7539 · Tenda · Tenda Ac15
Name of the Vulnerable Software and Affected Versions: Tenda AC15 version 15.03.05.19 Description: A critical vulnerability has been found in the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to a stack-based buffer overflow. This issue can be...
PT-2024-7882 · D Link · D-Link Di-8003
Name of the Vulnerable Software and Affected Versions: D-Link DI-8003 version 16.07.16A1 Description: A critical issue has been found in the upgrade filter asp function of the /upgrade filter.asp file. The manipulation of the path argument leads to a stack-based buffer overflow. This issue can be...
PT-2024-6460 · D Link · D-Link Di 8004W
Name of the Vulnerable Software and Affected Versions: D-Link DI 8004W version 16.07.26A1 Description: The issue is related to a command execution vulnerability in the msp info htm function of the jhttpd module. This vulnerability may allow a remote attacker to execute arbitrary commands. The...
PT-2024-5666 · Tenda · Tenda I22
Name of the Vulnerable Software and Affected Versions: Tenda i22 version 1.0.0.34687 Description: A critical issue was found in the formApPortalPhoneAuth function of the /goform/apPortalPhoneAuth file. The manipulation of the data argument leads to a buffer overflow. This can be exploited remotel...
PT-2024-38144 · Totolink · Totolink A3600R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3600R version 4.1.2cu.5182 B20201102 Description: A critical issue has been found in the setUpgradeFW function of the /cgi-bin/cstecgi.cgi file. The manipulation of the FileName argument leads to buffer overflow. The attack may be...
PT-2024-5386 · Totolink · Totolink Cp900L
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP900 version 6.3c.566 Description: A critical issue has been found in the Telnet Service component, specifically affecting the setTelnetCfg function. The manipulation of the telnet enabled argument leads to command injection. This...
PT-2024-5477 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version 9.3.5u.6146 B20201023 Description: The issue is caused by a buffer overflow on the stack when processing the http host parameter in the loginauth function of the /cgi-bin/cstecgi.cgi file. This can be exploited by a...
PT-2024-5332 · Argo Cd · Argo Cd
Name of the Vulnerable Software and Affected Versions: Argo CD versions 2.6.0 through 2.11.6 Argo CD versions 2.7.0 through 2.10.15 Argo CD versions 2.8.0 through 2.9.20 Description: The issue is related to the Argo CD web terminal, which allows users to get a shell inside a running pod. When the...
PT-2024-27643 · Unknown · Image Hover Effects - Caption Hover With Carousel
Name of the Vulnerable Software and Affected Versions: Image Hover Effects - Caption Hover with Carousel versions 3.0.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS...
PT-2024-29211
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.43 Description The issue is related to the ksmbd component in the Linux kernel, where the may open function does not allow a directory to be opened with write access. However, some writing flags set by the...
PT-2024-28329 · Idccms · Idccms
Name of the Vulnerable Software and Affected Versions: idccms version 1.35 Description: A Cross-Site Request Forgery CSRF issue was discovered in idccms. The vulnerability can be exploited via the "/admin/idcProData deal.php" endpoint, specifically when the mudi parameter is set to "del". This...