🚨 CVE-2024-10609
A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System Project 1.0. This affects an unknown part of the file typeadd.php. The manipulation of the argument sex leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability, which was classified as critical, was found in itsourcecode Tailoring Management System Project 1.0. This affects an unknown part of the file typeadd.php. The manipulation of the argument sex leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
Itsourcecode Tailoring Management System Project In PHP With Source Code v1.0 · Issue #17 · Lanxiy7th/lx_CVE_report-
Itsourcecode Tailoring Management System Project In PHP With Source Code v1.0 typeadd.php SQL injection NAME OF AFFECTED PRODUCT(S) Tailoring Management System Project In PHP With Source Code Vendo...
🚨 CVE-2024-8553
A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information.
🎖@cveNotify
A vulnerability was found in Foreman's loader macros introduced with report templates. These macros may allow an authenticated user with permissions to view and create templates to read any field from Foreman's database. By using specific strings in the loader macros, users can bypass permissions and access sensitive information.
🎖@cveNotify
🚨 CVE-2024-10610
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function delProtocol of the file /com/esafenet/servlet/system/ProtocolService.java. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function delProtocol of the file /com/esafenet/servlet/system/ProtocolService.java. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
flowus.cn
FlowUs 息流 - 新一代生产力工具
🚨 CVE-2024-10611
A vulnerability was found in ESAFENET CDG 5 and classified as critical. This issue affects the function delProtocol of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was found in ESAFENET CDG 5 and classified as critical. This issue affects the function delProtocol of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
🚨 CVE-2024-10612
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function removeHookInvalidCourse of the file /com/esafenet/servlet/system/HookInvalidCourseService.java. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function removeHookInvalidCourse of the file /com/esafenet/servlet/system/HookInvalidCourseService.java. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
flowus.cn
【CVE-2024-10612】ESAFENET CDG V5 HookInvalidCourse DelHookInvalidCourse interface has an SQL injection vulnerability in the id.
officialwebsite:https://www.esafenet.comproduct:https://www.esafenet.com/dzwdaqglxtAffectedversion:V5VulnerabilityPOChtt
🚨 CVE-2024-10613
A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/system/SystemEncryptPolicyService.java. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. Affected by this vulnerability is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/system/SystemEncryptPolicyService.java. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
flowus.cn
FlowUs 息流 - 新一代生产力工具
🚨 CVE-2024-10615
A vulnerability was found in Tongda OA 2017 up to 11.10. It has been rated as critical. Affected by this issue is some unknown functionality of the file /general/approve_center/query/list/input_form/delete_data_attach.php. The manipulation of the argument RUN_ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability was found in Tongda OA 2017 up to 11.10. It has been rated as critical. Affected by this issue is some unknown functionality of the file /general/approve_center/query/list/input_form/delete_data_attach.php. The manipulation of the argument RUN_ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
SQL injection 3 · Issue #6 · LvZCh/td
Source Code Developer: Beijing Tongda Xinke Technology Co., Ltd Source code name:Tongda OA Source code version:v2017-v11.10 Source code official website:https://www.tongda2000.com/ Source code down...
🚨 CVE-2024-10616
A vulnerability classified as critical has been found in Tongda OA up to 11.9. This affects an unknown part of the file /pda/workflow/webSignSubmit.php. The manipulation of the argument saleId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability classified as critical has been found in Tongda OA up to 11.9. This affects an unknown part of the file /pda/workflow/webSignSubmit.php. The manipulation of the argument saleId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
SQL injection 4 · Issue #7 · LvZCh/td
Source Code Developer: Beijing Tongda Xinke Technology Co., Ltd Source code name:Tongda OA Source code version:v11.2-v11.9 Source code official website:https://www.tongda2000.com/ Source code downl...
🚨 CVE-2024-10617
A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability classified as critical was found in Tongda OA up to 11.10. This vulnerability affects unknown code of the file /pda/workflow/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
SQL injection 5 · Issue #8 · LvZCh/td
Source Code Developer: Beijing Tongda Xinke Technology Co., Ltd Source code name:Tongda OA Source code version:v11.2-v11.10 Source code official website:https://www.tongda2000.com/ Source code down...
🚨 CVE-2024-10618
A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.10. This issue affects some unknown processing of the file /pda/reportshop/record_detail.php. The manipulation of the argument repid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability, which was classified as critical, has been found in Tongda OA 2017 up to 11.10. This issue affects some unknown processing of the file /pda/reportshop/record_detail.php. The manipulation of the argument repid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
SQL injection 6 · Issue #9 · LvZCh/td
Source Code Developer: Beijing Tongda Xinke Technology Co., Ltd Source code name:Tongda OA Source code version:v2017-v11.10 Source code official website:https://www.tongda2000.com/ Source code down...
🚨 CVE-2024-10619
A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /pda/reportshop/next_detail.php. The manipulation of the argument repid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /pda/reportshop/next_detail.php. The manipulation of the argument repid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
SQL injection 7 · Issue #10 · LvZCh/td
Source Code Developer: Beijing Tongda Xinke Technology Co., Ltd Source code name:Tongda OA Source code version:v2017-v11.10 Source code official website:https://www.tongda2000.com/ Source code down...
🚨 CVE-2024-10620
A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This affects an unknown part of the file /api/config/list of the component Configuration Center. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability was found in knightliao Disconf 2.6.36. It has been classified as critical. This affects an unknown part of the file /api/config/list of the component Configuration Center. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
Improper permission management allowing unauthorized users to access sensitive configuration information · Issue #431 · knightliao/disconf
The Disconf of version 2.6.36 has improper permission management, allowing unauthorized users to access sensitive configuration information stored in the configuration center. Proof on Concept: 1) ...
👍1
🚨 CVE-2024-21510
Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into this header. If used for caching purposes, such as with servers like Nginx, or as a reverse proxy, without handling the X-Forwarded-Host header, attackers can potentially exploit Cache Poisoning or Routing-based SSRF.
🎖@cveNotify
Versions of the package sinatra from 0.0.0 are vulnerable to Reliance on Untrusted Inputs in a Security Decision via the X-Forwarded-Host (XFH) header. When making a request to a method with redirect applied, it is possible to trigger an Open Redirect Attack by inserting an arbitrary address into this header. If used for caching purposes, such as with servers like Nginx, or as a reverse proxy, without handling the X-Forwarded-Host header, attackers can potentially exploit Cache Poisoning or Routing-based SSRF.
🎖@cveNotify
🚨 CVE-2024-47939
Stack-based buffer overflow vulnerability exists in multiple Ricoh laser printers and MFPs which implement Web Image Monitor. If this vulnerability is exploited, receiving a specially crafted request created and sent by an attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. As for the details of affected product names and versions, refer to the information provided by the vendor under [References].
🎖@cveNotify
Stack-based buffer overflow vulnerability exists in multiple Ricoh laser printers and MFPs which implement Web Image Monitor. If this vulnerability is exploited, receiving a specially crafted request created and sent by an attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. As for the details of affected product names and versions, refer to the information provided by the vendor under [References].
🎖@cveNotify
Ricoh
脆弱性ごとの情報リスト | リコーグループ 企業・IR | RICOH
2022年10月1日以降は脆弱性情報を本ページに掲載します。お客様にとって重要と判断した場合は、従来と同様に「重要なお知らせ」にも掲載いたします。
🚨 CVE-2024-49501
Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function.
🎖@cveNotify
Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function.
🎖@cveNotify
jvn.jp
JVNVU#95685374: Incorrect authorization vulnerability in OMRON Sysmac Studio
Japan Vulnerability Notes
🚨 CVE-2024-0105
NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.
🎖@cveNotify
NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.
🎖@cveNotify
🚨 CVE-2024-0106
NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.
🎖@cveNotify
NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit (DPU) contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure.
🎖@cveNotify
🚨 CVE-2023-6942
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally.
🎖@cveNotify
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally.
🎖@cveNotify
jvn.jp
JVNVU#95103362: 三菱電機製FAエンジニアリングソフトウェア製品における複数の脆弱性
Japan Vulnerability Notes
🚨 CVE-2023-6943
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products.
🎖@cveNotify
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 versions 1.106L and prior, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products.
🎖@cveNotify
jvn.jp
JVNVU#95103362: 三菱電機製FAエンジニアリングソフトウェア製品における複数の脆弱性
Japan Vulnerability Notes
🚨 CVE-2024-10232
The Group Chat & Video Chat by AtomChat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atomchat shortcode in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
🎖@cveNotify
The Group Chat & Video Chat by AtomChat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's atomchat shortcode in all versions up to, and including, 1.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
🎖@cveNotify
🚨 CVE-2024-10651
IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrator privileges to exploit this vulnerability to read arbitrary system files.
🎖@cveNotify
IDExpert from CHANGING Information Technology does not properly validate a specific parameter in the administrator interface, allowing remote attackers with administrator privileges to exploit this vulnerability to read arbitrary system files.
🎖@cveNotify