911
|
6.5 |
MEDIUM
Network
|
soplanning
|
soplanning
|
SQL injection vulnerability in SOPlanning <1.45, via /soplanning/www/user_groupes.php in the by parameter, which could allow a remote user to submit a specially crafted query, allowing an attacker to…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9574
|
2024-10-9 03:45 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
912
|
6.5 |
MEDIUM
Network
|
soplanning
|
soplanning
|
SQL injection vulnerability in SOPlanning <1.45, through /soplanning/www/groupe_list.php, in the by parameter, which could allow a remote user to send a specially crafted query and extract all the in…
Update
|
CWE-89
SQL Injection
|
CVE-2024-9573
|
2024-10-9 03:45 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
913
|
5.4 |
MEDIUM
Network
|
soplanning
|
soplanning
|
Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of user input via /soplanning/www/process/groupe_save.php, in the groupe_id parameter. This could allow …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9572
|
2024-10-9 03:45 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
914
|
5.4 |
MEDIUM
Network
|
soplanning
|
soplanning
|
Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of user input via /soplanning/www/process/xajax_server.php, affecting multiple parameters. This could al…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9571
|
2024-10-9 03:45 |
2024-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
915
|
5.9 |
MEDIUM
Network
|
cisco
|
meraki_mx65_firmware meraki_mx64_firmware meraki_z4c_firmware meraki_z4_firmware meraki_z3c_firmware meraki_z3_firmware meraki_vmx_firmware meraki_mx600_firmware meraki_mx450_…
|
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN …
Update
|
CWE-362
Race Condition
|
CVE-2024-20509
|
2024-10-9 03:45 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
916
|
8.8 |
HIGH
Network
|
dlink
|
dir-605l_firmware
|
A vulnerability has been found in D-Link DIR-605L 2.13B01 BETA and classified as critical. Affected by this vulnerability is the function formSetPassword of the file /goform/formSetPassword. The mani…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-9565
|
2024-10-9 03:39 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
917
|
8.8 |
HIGH
Network
|
dlink
|
dir-605l_firmware
|
A vulnerability, which was classified as critical, was found in D-Link DIR-605L 2.13B01 BETA. Affected is the function formWlanWizardSetup of the file /goform/formWlanWizardSetup. The manipulation of…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-9564
|
2024-10-9 03:38 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
918
|
8.8 |
HIGH
Network
|
dlink
|
dir-605l_firmware
|
A vulnerability, which was classified as critical, has been found in D-Link DIR-605L 2.13B01 BETA. This issue affects the function formWlanSetup_Wizard of the file /goform/formWlanSetup_Wizard. The m…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-9563
|
2024-10-9 03:38 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
919
|
8.8 |
HIGH
Network
|
dlink
|
dir-605l_firmware
|
A vulnerability classified as critical was found in D-Link DIR-605L 2.13B01 BETA. This vulnerability affects the function formSetWizard1/formSetWizard2. The manipulation of the argument curTime leads…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-9562
|
2024-10-9 03:38 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
920
|
8.8 |
HIGH
Network
|
dlink
|
dir-605l_firmware
|
A vulnerability classified as critical has been found in D-Link DIR-605L 2.13B01 BETA. This affects the function formSetWAN_Wizard51/formSetWAN_Wizard52. The manipulation of the argument curTime lead…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-9561
|
2024-10-9 03:38 |
2024-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|