🚨 CVE-2022-43216
AbrhilSoft Employee's Portal before v5.6.2 was discovered to contain a SQL injection vulnerability in the login page.
🎖@cveNotify
AbrhilSoft Employee's Portal before v5.6.2 was discovered to contain a SQL injection vulnerability in the login page.
🎖@cveNotify
🚨 CVE-2024-26574
Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe
🎖@cveNotify
Insecure Permissions vulnerability in Wondershare Filmora v.13.0.51 allows a local attacker to execute arbitrary code via a crafted script to the WSNativePushService.exe
🎖@cveNotify
Wondershare
[Official] Wondershare Filmora: Edit Video as a Pro
Filmora is an all-in-one video editing software for desktop and mobile. Easily create professional videos with intuitive tools, AI-powered features, and creative effects.
🚨 CVE-2024-3439
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Account/login.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259692.
🎖@cveNotify
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /Account/login.php. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259692.
🎖@cveNotify
GitHub
CVE/PrisonManagementSystemSQL2.md at main · fubxx/CVE
My CVE exploit repository. Contribute to fubxx/CVE development by creating an account on GitHub.
🚨 CVE-2011-10006
A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has been classified as problematic. This affects an unknown part of the file wp-postratings.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.65 is able to address this issue. The identifier of the patch is 6182a5682b12369ced0becd3b505439ce2eb8132. It is recommended to upgrade the affected component. The identifier VDB-259629 was assigned to this vulnerability.
🎖@cveNotify
A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has been classified as problematic. This affects an unknown part of the file wp-postratings.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.65 is able to address this issue. The identifier of the patch is 6182a5682b12369ced0becd3b505439ce2eb8132. It is recommended to upgrade the affected component. The identifier VDB-259629 was assigned to this vulnerability.
🎖@cveNotify
GitHub
Fixed XSS + Increment version number · wp-plugins/wp-postratings@6182a56
git-svn-id: https://plugins.svn.wordpress.org/wp-postratings/trunk@346735 b8457f37-d9ea-0310-8a92-e5e31aec5664
🚨 CVE-2014-125111
A vulnerability was found in namithjawahar Wp-Insert up to 2.0.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.9 is able to address this issue. The name of the patch is a07b7b08084b9b85859f3968ce7fde0fd1fcbba3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-259628.
🎖@cveNotify
A vulnerability was found in namithjawahar Wp-Insert up to 2.0.8 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 2.0.9 is able to address this issue. The name of the patch is a07b7b08084b9b85859f3968ce7fde0fd1fcbba3. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-259628.
🎖@cveNotify
GitHub
XSS Exploit Fix. · wp-plugins/wp-insert@a07b7b0
git-svn-id: https://plugins.svn.wordpress.org/wp-insert/trunk@831372 b8457f37-d9ea-0310-8a92-e5e31aec5664
🚨 CVE-2024-28066
In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used (a hardcoded root password).
🎖@cveNotify
In Unify CP IP Phone firmware 1.10.4.3, Weak Credentials are used (a hardcoded root password).
🎖@cveNotify
www.syss.de
SySS GmbH - The Pentest Experts
IT Security Anbieter – Schwachstellen erkennen | IT-Sicherheit prüfen | Systeme absichern | Risiken nachhaltig minimieren | Schutz gezielt verbessern | Syss
🚨 CVE-2024-2834
A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited.
🎖@cveNotify
A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited.
🎖@cveNotify
🚨 CVE-2024-31805
TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to start the Telnet service without authorization via the telnet_enabled parameter in the setTelnetCfg function.
🎖@cveNotify
TOTOLINK EX200 V4.0.3c.7646_B20201211 allows attackers to start the Telnet service without authorization via the telnet_enabled parameter in the setTelnetCfg function.
🎖@cveNotify
GitHub
CVE-vulns/TOTOLINK/EX200/CI_5_setTelnetCfg/CI.md at main · 4hsienyang/CVE-vulns
CVE-vulns. Contribute to 4hsienyang/CVE-vulns development by creating an account on GitHub.
🚨 CVE-2024-31806
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a Denial-of-Service (DoS) vulnerability in the RebootSystem function which can reboot the system without authorization.
🎖@cveNotify
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a Denial-of-Service (DoS) vulnerability in the RebootSystem function which can reboot the system without authorization.
🎖@cveNotify
GitHub
CVE-vulns/TOTOLINK/EX200/DoS_RebootSystem/DoS.md at main · 4hsien/CVE-vulns
CVE-vulns. Contribute to 4hsien/CVE-vulns development by creating an account on GitHub.
🚨 CVE-2024-31807
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the hostTime parameter in the NTPSyncWithHost function.
🎖@cveNotify
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the hostTime parameter in the NTPSyncWithHost function.
🎖@cveNotify
GitHub
CVE-vulns/TOTOLINK/EX200/CI_2_NTPSyncWithHost/CI.md at main · 4hsienyang/CVE-vulns
CVE-vulns. Contribute to 4hsienyang/CVE-vulns development by creating an account on GitHub.
🚨 CVE-2024-31808
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the webWlanIdx parameter in the setWebWlanIdx function.
🎖@cveNotify
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the webWlanIdx parameter in the setWebWlanIdx function.
🎖@cveNotify
GitHub
CVE-vulns/TOTOLINK/EX200/CI_3_setWebWlanIdx/CI.md at main · 4hsien/CVE-vulns
CVE-vulns. Contribute to 4hsien/CVE-vulns development by creating an account on GitHub.
🚨 CVE-2024-31809
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the FileName parameter in the setUpgradeFW function.
🎖@cveNotify
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the FileName parameter in the setUpgradeFW function.
🎖@cveNotify
GitHub
CVE-vulns/TOTOLINK/EX200/CI_4_setUpgradeFW/CI.md at main · 4hsien/CVE-vulns
CVE-vulns. Contribute to 4hsien/CVE-vulns development by creating an account on GitHub.
🚨 CVE-2024-31811
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the langType parameter in the setLanguageCfg function.
🎖@cveNotify
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the langType parameter in the setLanguageCfg function.
🎖@cveNotify
GitHub
CVE-vulns/TOTOLINK/EX200/CI_1_setLanguageCfg/CI.md at main · 4hsien/CVE-vulns
CVE-vulns. Contribute to 4hsien/CVE-vulns development by creating an account on GitHub.
🚨 CVE-2024-31812
In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getWiFiExtenderConfig.
🎖@cveNotify
In TOTOLINK EX200 V4.0.3c.7646_B20201211, an attacker can obtain sensitive information without authorization through the function getWiFiExtenderConfig.
🎖@cveNotify
GitHub
CVE-vulns/TOTOLINK/EX200/Leak_getWiFiExtenderConfig/Leak.md at main · 4hsien/CVE-vulns
CVE-vulns. Contribute to 4hsien/CVE-vulns development by creating an account on GitHub.
🚨 CVE-2024-28732
An issue was discovered in OFPMatch in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).
🎖@cveNotify
An issue was discovered in OFPMatch in parser.py in Faucet SDN Ryu version 4.34, allows remote attackers to cause a denial of service (DoS) (infinite loop).
🎖@cveNotify
Gist
CVE-2024-28732-Ref
CVE-2024-28732-Ref. GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-2511
Issue summary: Some non-default TLS server configurations can cause unbounded
memory growth when processing TLSv1.3 sessions
Impact summary: An attacker may exploit certain server configurations to trigger
unbounded memory growth that would lead to a Denial of Service
This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is
being used (but not if early_data support is also configured and the default
anti-replay protection is in use). In this case, under certain conditions, the
session cache can get into an incorrect state and it will fail to flush properly
as it fills. The session cache will continue to grow in an unbounded manner. A
malicious client could deliberately create the scenario for this failure to
force a Denial of Service. It may also happen by accident in normal operation.
This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS
clients.
The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL
1.0.2 is also not affected by this issue.
🎖@cveNotify
Issue summary: Some non-default TLS server configurations can cause unbounded
memory growth when processing TLSv1.3 sessions
Impact summary: An attacker may exploit certain server configurations to trigger
unbounded memory growth that would lead to a Denial of Service
This problem can occur in TLSv1.3 if the non-default SSL_OP_NO_TICKET option is
being used (but not if early_data support is also configured and the default
anti-replay protection is in use). In this case, under certain conditions, the
session cache can get into an incorrect state and it will fail to flush properly
as it fills. The session cache will continue to grow in an unbounded manner. A
malicious client could deliberately create the scenario for this failure to
force a Denial of Service. It may also happen by accident in normal operation.
This issue only affects TLS servers supporting TLSv1.3. It does not affect TLS
clients.
The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue. OpenSSL
1.0.2 is also not affected by this issue.
🎖@cveNotify
GitHub
Fix unconstrained session cache growth in TLSv1.3 · openssl/openssl@7e4d731
In TLSv1.3 we create a new session object for each ticket that we send.
We do this by duplicating the original session. If SSL_OP_NO_TICKET is in
use then the new session will be added to the sessi...
We do this by duplicating the original session. If SSL_OP_NO_TICKET is in
use then the new session will be added to the sessi...
🚨 CVE-2024-3440
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/edit_profile.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259693 was assigned to this vulnerability.
🎖@cveNotify
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Admin/edit_profile.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259693 was assigned to this vulnerability.
🎖@cveNotify
GitHub
CVE/PrisonManagementSystemSQL3.md at main · fubxx/CVE
My CVE exploit repository. Contribute to fubxx/CVE development by creating an account on GitHub.
🚨 CVE-2024-3441
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Employee/edit-profile.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259694 is the identifier assigned to this vulnerability.
🎖@cveNotify
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Employee/edit-profile.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-259694 is the identifier assigned to this vulnerability.
🎖@cveNotify
GitHub
CVE/PrisonManagementSystemSQL4.md at main · fubxx/CVE
My CVE exploit repository. Contribute to fubxx/CVE development by creating an account on GitHub.
🚨 CVE-2024-30269
DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the `/de2api/engine/getEngine;.js` path via a browser reveals that the platform's database configuration is returned. The vulnerability has been fixed in v2.5.0. No known workarounds are available aside from upgrading.
🎖@cveNotify
DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the `/de2api/engine/getEngine;.js` path via a browser reveals that the platform's database configuration is returned. The vulnerability has been fixed in v2.5.0. No known workarounds are available aside from upgrading.
🎖@cveNotify
GitHub
Release v2.5.0 · dataease/dataease
新增功能
feat(仪表板): 仪表板的公共链接支持在移动端打开
feat(仪表板): 支持仪表板资源树支持排序
feat(仪表板): 公共链接打开后,浏览器网页标题提示支持显示为仪表板和数据大屏的名称
feat(仪表板): 支持可视化资源支持外部参数功能 #8257
feat(仪表板): 增加开启移动端功能
feat(图表): 支持地图图例显示为整数 #8202
feat(图表): 地图...
feat(仪表板): 仪表板的公共链接支持在移动端打开
feat(仪表板): 支持仪表板资源树支持排序
feat(仪表板): 公共链接打开后,浏览器网页标题提示支持显示为仪表板和数据大屏的名称
feat(仪表板): 支持可视化资源支持外部参数功能 #8257
feat(仪表板): 增加开启移动端功能
feat(图表): 支持地图图例显示为整数 #8202
feat(图表): 地图...
🚨 CVE-2024-31205
Saleor is an e-commerce platform. Starting in version 3.10.0 and prior to versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19, an attacker may bypass cross-set request forgery (CSRF) validation when calling refresh token mutation with empty string. When a user provides an empty string in `refreshToken` mutation, while the token persists in `JWT_REFRESH_TOKEN_COOKIE_NAME` cookie, application omits validation against CSRF token and returns valid access token. Versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19 contain a patch for the issue. As a workaround, one may replace `saleor.graphql.account.mutations.authentication.refresh_token.py.get_refresh_token`. This will fix the issue, but be aware, that it returns `JWT_MISSING_TOKEN` instead of `JWT_INVALID_TOKEN`.
🎖@cveNotify
Saleor is an e-commerce platform. Starting in version 3.10.0 and prior to versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19, an attacker may bypass cross-set request forgery (CSRF) validation when calling refresh token mutation with empty string. When a user provides an empty string in `refreshToken` mutation, while the token persists in `JWT_REFRESH_TOKEN_COOKIE_NAME` cookie, application omits validation against CSRF token and returns valid access token. Versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19 contain a patch for the issue. As a workaround, one may replace `saleor.graphql.account.mutations.authentication.refresh_token.py.get_refresh_token`. This will fix the issue, but be aware, that it returns `JWT_MISSING_TOKEN` instead of `JWT_INVALID_TOKEN`.
🎖@cveNotify
GitHub
Advisory fix merx-280. · saleor/saleor@36699c6
Saleor Core: the high performance, composable, headless commerce API. - Advisory fix merx-280. · saleor/saleor@36699c6
🚨 CVE-2024-31221
Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.10.0 and prior to version 0.23.0, after unpairing all devices in the web UI interface and then pairing only one device, all of the previously devices will be temporarily paired. Version 0.23.0 contains a patch for the issue. As a workaround, restarting Sunshine after unpairing all devices prevents the vulnerability.
🎖@cveNotify
Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.10.0 and prior to version 0.23.0, after unpairing all devices in the web UI interface and then pairing only one device, all of the previously devices will be temporarily paired. Version 0.23.0 contains a patch for the issue. As a workaround, restarting Sunshine after unpairing all devices prevents the vulnerability.
🎖@cveNotify
GitHub
fix(security): ensure unpairing takes effect without restart (#2365) · LizardByte/Sunshine@b7aa811
Self-hosted game stream host for Moonlight. Contribute to LizardByte/Sunshine development by creating an account on GitHub.