| Page(s) : 1 ... 28 29 30 31 32 33 34 35 36 37 [38] 39 40 41 42 43 44 45 46 47 48 ... | Result(s) : 272083 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2024-04-17 | CVE-2024-3333 | cve | The Essential Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attributes of widgets in all versions up to, and including, 5.9.... |
| N/A | 2024-04-17 | CVE-2024-3908 | cve | A vulnerability classified as critical has been found in Tenda AC500 2.0.1.9(1307). Affected is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of... |
| N/A | 2024-04-17 | CVE-2024-3909 | cve | A vulnerability classified as critical was found in Tenda AC500 2.0.1.9(1307). Affected by this vulnerability is the function formexeCommand of the file /goform/execCommand. The... |
| N/A | 2024-04-17 | CVE-2024-3910 | cve | A vulnerability, which was classified as critical, has been found in Tenda AC500 2.0.1.9(1307). Affected by this issue is the function fromDhcpListClient of the file /goform/Dhc... |
| 9.1 | 2024-04-17 | CVE-2023-39367 | cve | An OS command injection vulnerability exists in the web interface mac2name functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request can lead to a... |
| 6.8 | 2024-04-17 | CVE-2023-40146 | cve | A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted command line argument can lead to a lim... |
| 5.3 | 2024-04-17 | CVE-2023-43491 | cve | An information disclosure vulnerability exists in the web interface /cgi-bin/debug_dump.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP requ... |
| 5.3 | 2024-04-17 | CVE-2023-45209 | cve | An information disclosure vulnerability exists in the web interface /cgi-bin/download_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP... |
| 8.3 | 2024-04-17 | CVE-2023-45744 | cve | A data integrity vulnerability exists in the web interface /cgi-bin/upload_config.cgi functionality of Peplink Smart Reader v1.2.0 (in QEMU). A specially crafted HTTP request ca... |
| N/A | 2024-04-17 | CVE-2023-6805 | cve | The RSS Aggregator by Feedzy – Feed to Post, Autoblogging, News & YouTube Video Feeds Aggregator plugin for WordPress is vulnerable to Blind Server-Side Request Forgery in all v... |
| N/A | 2024-04-17 | CVE-2024-30952 | cve | A stored cross-site scripting (XSS) vulnerability in PESCMS-TEAM v2.3.6 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the domain ... |
| N/A | 2024-04-17 | CVE-2024-32281 | cve | Tenda AC7V1.0 v15.03.06.44 firmware contains a command injection vulnerablility in formexeCommand function via the cmdinput parameter. |
| N/A | 2024-04-17 | CVE-2024-32301 | cve | Tenda AC7V1.0 v15.03.06.44 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function. |
| N/A | 2024-04-17 | CVE-2024-32307 | cve | Tenda FH1205 V2.0.0.7(775) firmware has a stack overflow vulnerability located via the PPW parameter in the fromWizardHandle function. |
| N/A | 2024-04-17 | CVE-2024-32310 | cve | Tenda F1203 V2.0.1.6 firmware has a stack overflow vulnerability located in the PPW parameter of the fromWizardHandle function. |
| N/A | 2024-04-17 | CVE-2024-32312 | cve | Tenda F1203 V2.0.1.6 firmware has a stack overflow vulnerability located in the adslPwd parameter of the formWanParameterSetting function. |
| N/A | 2024-04-17 | CVE-2024-32313 | cve | Tenda FH1205 V2.0.0.7(775) firmware has a stack overflow vulnerability located via the adslPwd parameter of the formWanParameterSetting function. |
| N/A | 2024-04-17 | CVE-2024-0868 | cve | The coreActivity: Activity Logging plugin for WordPress plugin before 2.1 retrieved IP addresses of requests via headers such X-FORWARDED to log them, allowing users to spoof th... |
| N/A | 2024-04-17 | CVE-2024-1219 | cve | The Easy Social Feed WordPress plugin before 6.5.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow user... |
| N/A | 2024-04-17 | CVE-2024-2101 | cve | The Salon booking system WordPress plugin before 9.6.3 does not properly sanitize and escape the 'Mobile Phone' field when booking an appointment, allowing customers t... |
| Page(s) : 1 ... 28 29 30 31 32 33 34 35 36 37 [38] 39 40 41 42 43 44 45 46 47 48 ... | Result(s) : 272083 |
