|
2111
|
8.8 |
HIGH
Network
|
oretnom23
|
simple_forum\/discussion_system
|
A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argu…
|
CWE-22
Path Traversal
|
CVE-2024-9032
|
2024-09-21 02:04 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2112
|
9.8 |
CRITICAL
Network
best_online_news_portal_project
|
best_online_news_portal
|
A vulnerability classified as critical was found in SourceCodester Best Online News Portal 1.0. This vulnerability affects unknown code of the file /news-details.php of the component Comment Section.…
|
CWE-89
SQL Injection
|
CVE-2024-9008
|
2024-09-21 02:01 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2113
|
8.1 |
HIGH
Network
|
totolink
|
a720r_firmware
|
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the function exportOvpn. The manipulation leads to os command injection. It is possible to launch the attack…
|
CWE-78
OS Command
|
CVE-2024-8869
|
2024-09-21 01:59 |
2024-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2114
|
7.5 |
HIGH
Network
xiaohe4966
|
tpmecms
|
A vulnerability, which was classified as problematic, has been found in xiaohe4966 TpMeCMS up to 1.3.3.1. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipu…
|
CWE-22
Path Traversal
|
CVE-2024-8876
|
2024-09-21 01:58 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2115
|
6.7 |
MEDIUM
Local
|
cisco
|
identity_services_engine
|
A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system a…
|
CWE-78
OS Command
|
CVE-2024-20469
|
2024-09-21 01:58 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2116
|
4.7 |
MEDIUM
Network
|
send_project
|
send
|
Send is a library for streaming files from the file system as a http response. Send passes untrusted user input to SendStream.redirect() which executes untrusted code. This issue is patched in send 0…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43799
|
2024-09-21 01:57 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2117
|
7.5 |
HIGH
Network
opendaylight
|
authentication\
_authorization_and_accounting
|
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting (AAA) through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue con…
|
NVD-CWE-noinfo
|
CVE-2024-46943
|
2024-09-21 01:56 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2118
|
8.8 |
HIGH
Network
|
qnap
|
qts
quts_hero
|
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execu…
|
CWE-120
CWE-122
Classic Buffer Overflow
Heap-based Buffer Overflow
|
CVE-2024-32763
|
2024-09-21 01:49 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2119
|
4.7 |
MEDIUM
Network
|
qnap
|
qts
quts_hero
|
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands …
|
CWE-78
OS Command
|
CVE-2024-21906
|
2024-09-21 01:49 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2120
|
9.8 |
CRITICAL
Network
playsms
|
playsms
|
A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7. Affected is an unknown function of the file /playsms/index.php?app=main&inc=core_auth&route=forgot&op=forgot …
|
CWE-94
Code Injection
|
CVE-2024-8880
|
2024-09-21 01:41 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
