🚨 CVE-2024-42745
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
🎖@cveNotify
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in setUPnPCfg. Authenticated Attackers can send malicious packet to execute arbitrary commands.
🎖@cveNotify
GitHub
reports/totolink/x5000r/setUPnPCfg/setUPnPCfg.md at main · HouseFuzz/reports
CVE reports. Contribute to HouseFuzz/reports development by creating an account on GitHub.
🚨 CVE-2024-41623
An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload
🎖@cveNotify
An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to execute arbitrary code via a crafted payload
🎖@cveNotify
🚨 CVE-2024-42736
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in addBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.
🎖@cveNotify
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in addBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.
🎖@cveNotify
GitHub
reports/totolink/x5000r/addBlacklist/addBlacklist.md at main · HouseFuzz/reports
CVE reports. Contribute to HouseFuzz/reports development by creating an account on GitHub.
🚨 CVE-2024-42737
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.
🎖@cveNotify
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command injection vulnerability in delBlacklist. Authenticated Attackers can send malicious packet to execute arbitrary commands.
🎖@cveNotify
GitHub
reports/totolink/x5000r/delBlacklist/delBlacklist.md at main · HouseFuzz/reports
CVE reports. Contribute to HouseFuzz/reports development by creating an account on GitHub.
🚨 CVE-2024-7289
A vulnerability was found in SourceCodester Establishment Billing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /manage_payment.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273158 is the identifier assigned to this vulnerability.
🎖@cveNotify
A vulnerability was found in SourceCodester Establishment Billing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /manage_payment.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-273158 is the identifier assigned to this vulnerability.
🎖@cveNotify
Gist
sourcecodester_Establishment Billing Management System_SQL_INJECTION_4.md
GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-7290
A vulnerability classified as critical has been found in SourceCodester Establishment Billing Management System 1.0. This affects an unknown part of the file /manage_tenant.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273159.
🎖@cveNotify
A vulnerability classified as critical has been found in SourceCodester Establishment Billing Management System 1.0. This affects an unknown part of the file /manage_tenant.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273159.
🎖@cveNotify
Gist
sourcecodester_Establishment Billing Management System_SQL_INJECTION_5.md
GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-7307
A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage_billing.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273199.
🎖@cveNotify
A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage_billing.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273199.
🎖@cveNotify
Gist
sourcecodester_Establishment Billing Management System_SQL_INJECTION_7.md
GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-7308
A vulnerability was found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view_bill.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273200.
🎖@cveNotify
A vulnerability was found in SourceCodester Establishment Billing Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /view_bill.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273200.
🎖@cveNotify
Gist
sourcecodester_Establishment Billing Management System_SQL_INJECTION_8.md
GitHub Gist: instantly share code, notes, and snippets.
🚨 CVE-2024-7309
A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as problematic. This affects an unknown part of the file entry.php. The manipulation of the argument school leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273201 was assigned to this vulnerability.
🎖@cveNotify
A vulnerability was found in SourceCodester Record Management System 1.0. It has been classified as problematic. This affects an unknown part of the file entry.php. The manipulation of the argument school leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273201 was assigned to this vulnerability.
🎖@cveNotify
GitHub
VUL/Record-Management-System-1.md at main · zw-a11y/VUL
Contribute to zw-a11y/VUL development by creating an account on GitHub.
🚨 CVE-2024-7310
A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file sort_user.php. The manipulation of the argument sort leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273202 is the identifier assigned to this vulnerability.
🎖@cveNotify
A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file sort_user.php. The manipulation of the argument sort leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-273202 is the identifier assigned to this vulnerability.
🎖@cveNotify
GitHub
VUL/Record-Management-System-2.md at main · zw-a11y/VUL
Contribute to zw-a11y/VUL development by creating an account on GitHub.
🚨 CVE-2024-7311
A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file register.php. The manipulation of the argument Email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273203.
🎖@cveNotify
A vulnerability was found in code-projects Online Bus Reservation Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file register.php. The manipulation of the argument Email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-273203.
🎖@cveNotify
GitHub
code-projects Online Bus Reservation Site Using PHP With Source Code v1.0 register.php SQL injection · Issue #1 · 23588hk/cve
code-projects Online Bus Reservation Site Using PHP With Source Code v1.0 register.php SQL injection NAME OF AFFECTED PRODUCT(S) Online Bus Reservation Site Using PHP With Source Code Vendor Homepa...
🚨 CVE-2017-3772
A vulnerability was reported in Lenovo PC Manager versions prior to 2.6.40.3154 that could allow an attacker to cause a system reboot.
🎖@cveNotify
A vulnerability was reported in Lenovo PC Manager versions prior to 2.6.40.3154 that could allow an attacker to cause a system reboot.
🎖@cveNotify
iknow.lenovo.com.cn
安全公告:LEN-20491 在 IOCTL 0x9C402000 上的无效输入导致 Lenovo PC Manager 2.6 系统重新启动-联想知识库
为您提供联想lenovo笔记本的常见问题原因分析、解决方案和操作指导。涉及新电脑首次开机设置和使用,预装系统和预装软件等问题处理。方案涉及产品包括ideapad笔记本、yoga笔记本、小新笔记本、xiaoxin笔记本、昭阳笔记本、扬天笔记本、拯救者笔记本,miix系列笔记本、Flex系列笔记本等。
🚨 CVE-2019-6197
A vulnerability was reported in Lenovo PC Manager prior to version 2.8.90.11211 that could allow a local attacker to escalate privileges.
🎖@cveNotify
A vulnerability was reported in Lenovo PC Manager prior to version 2.8.90.11211 that could allow a local attacker to escalate privileges.
🎖@cveNotify
🚨 CVE-2024-41481
Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the Mermaid component.
🎖@cveNotify
Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the Mermaid component.
🎖@cveNotify
support.typora.io
Typora 1.9
New Code Block Math Improvements EPub Export Block Diagram Header Anchor Spec Other Improvements Fix New Code Block Math You enable Code Block Math in Preferences Panel → Markdown → Code Block Math to enable support for Gitlab / GitHub style math block (…
🚨 CVE-2024-41482
Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the MathJax component.
🎖@cveNotify
Typora before 1.9.3 Markdown editor has a cross-site scripting (XSS) vulnerability via the MathJax component.
🎖@cveNotify
support.typora.io
Typora 1.9
New Code Block Math Improvements EPub Export Block Diagram Header Anchor Spec Other Improvements Fix New Code Block Math You enable Code Block Math in Preferences Panel → Markdown → Code Block Math to enable support for Gitlab / GitHub style math block (…
🚨 CVE-2024-6758
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.
🎖@cveNotify
Improper Privilege Management in Sprecher Automation SPRECON-E below version 8.71j allows a remote attacker with low privileges to save unauthorized protection assignments.
🎖@cveNotify
🚨 CVE-2024-29151
Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI.
🎖@cveNotify
Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist in PyPI.
🎖@cveNotify
GitHub
Rocket.Chat.Audit/requirements.txt at 5ad78e8017a9e190602e8257c22500ded0d931a9 · RocketChat/Rocket.Chat.Audit
Audits Rocket.Chat communications for compliance. Contribute to RocketChat/Rocket.Chat.Audit development by creating an account on GitHub.
🚨 CVE-2024-30622
Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the mitInterface parameter from fromAddressNat function.
🎖@cveNotify
Tenda FH1205 v2.0.0.7(775) has a stack overflow vulnerability in the mitInterface parameter from fromAddressNat function.
🎖@cveNotify
🚨 CVE-2024-31807
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the hostTime parameter in the NTPSyncWithHost function.
🎖@cveNotify
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE) vulnerability via the hostTime parameter in the NTPSyncWithHost function.
🎖@cveNotify
GitHub
CVE-vulns/TOTOLINK/EX200/CI_2_NTPSyncWithHost/CI.md at main · 4hsienyang/CVE-vulns
CVE-vulns. Contribute to 4hsienyang/CVE-vulns development by creating an account on GitHub.
🚨 CVE-2024-37635
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg
🎖@cveNotify
TOTOLINK A3700R V9.1.2u.6165_20211012 was discovered to contain a stack overflow via ssid in the function setWiFiBasicCfg
🎖@cveNotify
GitHub
IOT-vuln-reports/TOTOLINK/A3700R/setWiFiBasicCfg/README.md at main · s4ndw1ch136/IOT-vuln-reports
Contribute to s4ndw1ch136/IOT-vuln-reports development by creating an account on GitHub.
🚨 CVE-2024-37129
Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A local authenticated malicious user could potentially exploit this vulnerability, leading to arbitrary code execution on the system.
🎖@cveNotify
Dell Inventory Collector, versions prior to 12.3.0.6 contains a Path Traversal vulnerability. A local authenticated malicious user could potentially exploit this vulnerability, leading to arbitrary code execution on the system.
🎖@cveNotify