111
|
7.5 |
HIGH
Network
loytec
|
linx-212_firmware linx-151_firmware
|
LOYTEC electronics GmbH LINX-212 and LINX-151 devices (all versions) are vulnerable to Insecure Permissions via registry.xml file. This vulnerability allows remote attackers to disclose smtp client a…
Update
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2023-46386
|
2024-09-21 02:15 |
2023-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
112
|
7.5 |
HIGH
Network
loytec
|
l-inx_configurator
|
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. An admin credential is passed as a value of URL parameters without encryption, so it allows remote atta…
Update
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2023-46385
|
2024-09-21 02:15 |
2023-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
113
|
7.5 |
HIGH
Network
loytec
|
l-inx_configurator
|
LOYTEC electronics GmbH LINX Configurator (all versions) is vulnerable to Insecure Permissions. Cleartext storage of credentials allows remote attackers to disclose admin password and bypass an authe…
Update
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2023-46384
|
2024-09-21 02:15 |
2023-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
114
|
7.5 |
HIGH
Network
loytec
|
l-inx_configurator
|
LOYTEC electronics GmbH LINX Configurator (all versions) uses HTTP Basic Authentication, which transmits usernames and passwords in base64-encoded cleartext and allows remote attackers to steal the p…
Update
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2023-46383
|
2024-09-21 02:15 |
2023-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
115
|
9.8 |
CRITICAL
Network
sfs
|
winsure
|
Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure allows XML Injection.This issue affects ww.Winsure: before 4.6.2.
Update
|
CWE-611
XXE
|
CVE-2024-7098
|
2024-09-21 02:14 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
116
|
9.8 |
CRITICAL
Network
sfs
|
insuree_gl
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SFS Consulting InsureE GL allows SQL Injection.This issue affects InsureE GL: before 4.6.2.
Update
|
CWE-89
SQL Injection
|
CVE-2024-6401
|
2024-09-21 02:07 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
117
|
7.8 |
HIGH
Local
|
refuel
|
autolabel
|
An arbitrary code execution vulnerability exists in versions 0.0.8 and newer of the Refuel Autolabel library because of the way its multilabel classification tasks handle provided CSV files. If a use…
Update
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2024-27321
|
2024-09-21 02:06 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
118
|
8.8 |
HIGH
Network
|
oretnom23
|
simple_forum\/discussion_system
|
A vulnerability, which was classified as critical, was found in SourceCodester Simple Forum-Discussion System 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argu…
New
|
CWE-22
Path Traversal
|
CVE-2024-9032
|
2024-09-21 02:04 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
119
|
9.8 |
CRITICAL
Network
best_online_news_portal_project
|
best_online_news_portal
|
A vulnerability classified as critical was found in SourceCodester Best Online News Portal 1.0. This vulnerability affects unknown code of the file /news-details.php of the component Comment Section.…
New
|
CWE-89
SQL Injection
|
CVE-2024-9008
|
2024-09-21 02:01 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
120
|
8.1 |
HIGH
Network
|
totolink
|
a720r_firmware
|
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the function exportOvpn. The manipulation leads to os command injection. It is possible to launch the attack…
Update
|
CWE-78
OS Command
|
CVE-2024-8869
|
2024-09-21 01:59 |
2024-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|