|
2311
|
7.5 |
HIGH
Network
loytec
|
linx-212_firmware
linx-151_firmware
|
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client a…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2023-46386
|
2024-09-21 02:15 |
2023-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2312
|
7.5 |
HIGH
Network
loytec
|
l-inx_configurator
|
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote atta…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2023-46385
|
2024-09-21 02:15 |
2023-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2313
|
7.5 |
HIGH
Network
loytec
|
l-inx_configurator
|
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authe…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2023-46384
|
2024-09-21 02:15 |
2023-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2314
|
7.5 |
HIGH
Network
loytec
|
l-inx_configurator
|
LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the p…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2023-46383
|
2024-09-21 02:15 |
2023-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2315
|
9.8 |
CRITICAL
Network
sfs
|
winsure
|
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2.
|
CWE-611
XXE
|
CVE-2024-7098
|
2024-09-21 02:14 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2316
|
9.8 |
CRITICAL
Network
sfs
|
insuree_gl
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection.This issue affects InsureE GL: before 4.6.2.
|
CWE-89
SQL Injection
|
CVE-2024-6401
|
2024-09-21 02:07 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2317
|
7.8 |
HIGH
Local
|
refuel
|
autolabel
|
An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its multilabel classification tasks handle provided CSV files. If a use…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2024-27321
|
2024-09-21 02:06 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2318
|
8.8 |
HIGH
Network
|
oretnom23
|
simple_forum\/discussion_system
|
A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argu…
|
CWE-22
Path Traversal
|
CVE-2024-9032
|
2024-09-21 02:04 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2319
|
9.8 |
CRITICAL
Network
best_online_news_portal_project
|
best_online_news_portal
|
A vulnerability classified as critical was found in SourceCodester Best Online News Portal 1.0. This vulnerability affects unknown code of the file /news-details.php of the component Comment Section.…
|
CWE-89
SQL Injection
|
CVE-2024-9008
|
2024-09-21 02:01 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2320
|
8.1 |
HIGH
Network
|
totolink
|
a720r_firmware
|
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the function exportOvpn. The manipulation leads to os command injection. It is possible to launch the attack…
|
CWE-78
OS Command
|
CVE-2024-8869
|
2024-09-21 01:59 |
2024-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
