๐จ CVE-2024-10427
A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /deleteanimal.php. The manipulation of the argument t1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions the parameter "refno" to be affected. But further inspection indicates that the name of the affected parameter is "t1".
๐@cveNotify
A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /deleteanimal.php. The manipulation of the argument t1 leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions the parameter "refno" to be affected. But further inspection indicates that the name of the affected parameter is "t1".
๐@cveNotify
GitHub
Codezips Pet Shop Management System In PHP With Source Code V1.0 deleteanimal.php SQL injection ยท Issue #22 ยท ppp-src/CVE
Codezips Pet Shop Management System In PHP With Source Code V1.0 deleteanimal.php SQL injection NAME OF AFFECTED PRODUCT(S) Pet Shop Management System In PHP With Source Code Vendor Homepage https:...
๐จ CVE-2024-10428
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been rated as critical. This issue affects the function set_ipv6 of the file firewall.cgi. The manipulation of the argument dhcpGateway leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been rated as critical. This issue affects the function set_ipv6 of the file firewall.cgi. The manipulation of the argument dhcpGateway leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
Google Docs
iptablesAllFilterRun.docx
CVE-ID CVE-2024-10428 Credits Leipeng Ye (awindog) of DBappSecurity Stellar Lab Overview Manufacturer's website: https://www.wavlink.com/en_us/index.html Firmware download website: https://www.wavlink.com/en_us/firmware/details/130.html https://www.wavโฆ
๐จ CVE-2024-10429
A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function set_ipv6 of the file internet.cgi. The manipulation of the argument IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function set_ipv6 of the file internet.cgi. The manipulation of the argument IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
๐@cveNotify
Google Docs
set_ipv6.docx
CVE-ID CVE-2024-10429 Credits Leipeng Ye (awindog) of DBappSecurity Stellar Lab Overview Manufacturer's website: https://www.wavlink.com/en_us/index.html Firmware download website: https://www.wavlink.com/en_us/firmware/details/130.html https://www.wavโฆ
๐จ CVE-2022-47353
In vdsp device, there is a possible system crash due to improper input validation.This could lead to local denial of service with System execution privileges needed
๐@cveNotify
In vdsp device, there is a possible system crash due to improper input validation.This could lead to local denial of service with System execution privileges needed
๐@cveNotify
๐จ CVE-2024-0420
The MapPress Maps for WordPress plugin before 2.88.15 does not sanitize and escape the map title when outputting it back in the admin dashboard, allowing Contributors and above roles to perform Stored Cross-Site Scripting attacks
๐@cveNotify
The MapPress Maps for WordPress plugin before 2.88.15 does not sanitize and escape the map title when outputting it back in the admin dashboard, allowing Contributors and above roles to perform Stored Cross-Site Scripting attacks
๐@cveNotify
WPScan
MapPress Maps for WordPress < 2.88.15 - Contributor+ Stored XSS
See details on MapPress Maps for WordPress < 2.88.15 - Contributor+ Stored XSS CVE 2024-0420. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2024-22475
Cross-site request forgery vulnerability in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. allows a remote unauthenticated attacker to perform unintended operations on the affected product. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
๐@cveNotify
Cross-site request forgery vulnerability in multiple printers and scanners which implement Web Based Management provided by BROTHER INDUSTRIES, LTD. allows a remote unauthenticated attacker to perform unintended operations on the affected product. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
๐@cveNotify
jvn.jp
JVN#82749078: Multiple vulnerabilities in printers and scanners which implement BROTHER Web Based Management
Japan Vulnerability Notes
๐จ CVE-2024-0711
The Buttons Shortcode and Widget WordPress plugin through 1.16 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
๐@cveNotify
The Buttons Shortcode and Widget WordPress plugin through 1.16 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
๐@cveNotify
WPScan
Buttons Shortcode and Widget <= 1.16 - Stored XSS via shortcode
See details on Buttons Shortcode and Widget <= 1.16 - Stored XSS via shortcode CVE 2024-0711. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2024-29470
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component {{rootpath}}/links.
๐@cveNotify
OneBlog v2.3.4 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component {{rootpath}}/links.
๐@cveNotify
Gitee
yadong.zhang/OneBlog: OneBlog๏ผไธไธช็ฎๆด็พ่งใๅ่ฝๅผบๅคงๅนถไธ่ช้ๅบ็Javaๅๅฎข
๐จ CVE-2024-29755
In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
๐@cveNotify
In tmu_get_pi of tmu.c, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
๐@cveNotify
๐จ CVE-2023-6501
The Splashscreen WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
๐@cveNotify
The Splashscreen WordPress plugin through 0.20 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack
๐@cveNotify
๐จ CVE-2023-6591
The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
๐@cveNotify
The Popup Box WordPress plugin before 20.9.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
๐@cveNotify
WPScan
Popup Box Pro < 20.9.0 - Admin+ Stored XSS
See details on Popup Box Pro < 20.9.0 - Admin+ Stored XSS CVE 2023-6591. View the latest Plugin Vulnerabilities on WPScan.
๐จ CVE-2023-7202
The Fatal Error Notify WordPress plugin before 1.5.3 does not have authorisation and CSRF checks in its test_error AJAX action, allowing any authenticated users, such as subscriber to call it and spam the admin email address with error messages. The issue is also exploitable via CSRF
๐@cveNotify
The Fatal Error Notify WordPress plugin before 1.5.3 does not have authorisation and CSRF checks in its test_error AJAX action, allowing any authenticated users, such as subscriber to call it and spam the admin email address with error messages. The issue is also exploitable via CSRF
๐@cveNotify
Plugin Security Certification (PSC) by CleanTalk
CVE-2023-7202 - Fatal Error Notify - Error Email Sending CSRF - Plugin Security Certification (PSC) by CleanTalk
In the process of scrutinizing the Fatal Error Notify plugin for WordPress, a Cross-Site Request Forgery (CSRF) vulnerability was unearthed. This flaw permits an unauthorized user to manipulate requests on behalf of the victim, enabling the attacker to sendโฆ
๐จ CVE-2023-6247
The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing.
๐@cveNotify
The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing.
๐@cveNotify
๐จ CVE-2024-38493
A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.
๐@cveNotify
A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.
๐@cveNotify
๐จ CVE-2024-10432
A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument username leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
CVE/project_worlds_simple_web_based_chat_app_index_sqli.md at main ยท jadu101/CVE
Contribute to jadu101/CVE development by creating an account on GitHub.
๐จ CVE-2023-50785
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal.
๐@cveNotify
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal.
๐@cveNotify
Manageengine
Arbitrary Directory Traversal Vulnerability fixed in build 7270 | ManageEngine ADAudit Plus
Arbitrary directory traversal vulnerability has been fixed in ADAudit Plus build 7270.
๐จ CVE-2024-10434
A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
Routers/Tenda/README.md at main ยท physicszq/Routers
Contribute to physicszq/Routers development by creating an account on GitHub.
๐จ CVE-2024-10435
A vulnerability was found in didi Super-Jacoco 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cov/triggerEnvCov. The manipulation of the argument uuid leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability was found in didi Super-Jacoco 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cov/triggerEnvCov. The manipulation of the argument uuid leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
Unauthorized attackers can execute any command with triggerEnvCov Interface ยท Issue #48 ยท didi/super-jacoco
When accessing the triggerEnvCov Interface with special request, unauthorized attackers can execute any command on the target system. Attacker can inject command in the parameter uuid. Proof of con...
๐จ CVE-2023-34941
A stored cross-site scripting (XSS) vulnerability in the urlFilterList function of Asus RT-N10LX Router v2.0.0.39 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL Keyword List text field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
๐@cveNotify
A stored cross-site scripting (XSS) vulnerability in the urlFilterList function of Asus RT-N10LX Router v2.0.0.39 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL Keyword List text field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
๐@cveNotify
GitHub
cve/ASUS-N10LX_2.0.0.39/StoredXSS_FirewallURLFilter.md at main ยท OlivierLaflamme/cve
Contribute to OlivierLaflamme/cve development by creating an account on GitHub.
๐จ CVE-2023-20812
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987.
๐@cveNotify
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987.
๐@cveNotify
MediaTek
August 2023
๐จ CVE-2023-20813
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453549; Issue ID: ALPS07453549.
๐@cveNotify
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453549; Issue ID: ALPS07453549.
๐@cveNotify
MediaTek
August 2023