|
315201
|
8.8 |
HIGH
Network
|
pligg
|
pligg_cms
|
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_group.php?mode=delete&group_id=3
|
CWE-352
Origin Validation Error
|
CVE-2024-42604
|
2024-08-22 05:35 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315202
|
8.8 |
HIGH
Network
|
tamparongj_03
|
online_graduate_tracer_system
|
A vulnerability, which was classified as critical, was found in SourceCodester Online Graduate Tracer System up to 1.0. Affected is an unknown function of the file /tracking/admin/fetch_genderit.php.…
|
CWE-89
SQL Injection
|
CVE-2024-7949
|
2024-08-22 04:15 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315203
|
9.8 |
CRITICAL
Network
|
totolink
|
ex1200l_firmware
|
A vulnerability has been found in TOTOLINK EX1200L 9.3.5u.6146_B20201023 and classified as critical. Affected by this vulnerability is the function setLanguageCfg of the file /www/cgi-bin/cstecgi.cgi…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7909
|
2024-08-22 04:15 |
2024-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315204
|
9.8 |
CRITICAL
Network
|
ltcms
|
ltcms
|
A vulnerability was found in wanglongcn ltcms 1.0.20. It has been declared as critical. Affected by this vulnerability is the function downloadUrl of the file /api/file/downloadUrl of the component A…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-7743
|
2024-08-22 04:15 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315205
|
9.8 |
CRITICAL
Network
|
ltcms
|
ltcms
|
A vulnerability was found in wanglongcn ltcms 1.0.20. It has been classified as critical. Affected is the function multiDownload of the file /api/file/multiDownload of the component API Endpoint. The…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-7742
|
2024-08-22 04:08 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315206
|
5.3 |
MEDIUM
Network
|
ltcms
|
ltcms
|
A vulnerability was found in wanglongcn ltcms 1.0.20 and classified as critical. This issue affects the function downloadFile of the file /api/file/downloadfile of the component API Endpoint. The man…
|
CWE-22
Path Traversal
|
CVE-2024-7741
|
2024-08-22 04:07 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315207
|
9.8 |
CRITICAL
Network
|
ltcms
|
ltcms
|
A vulnerability has been found in wanglongcn ltcms 1.0.20 and classified as critical. This vulnerability affects the function download of the file /api/test/download of the component API Endpoint. Th…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-7740
|
2024-08-22 04:06 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315208
|
6.5 |
MEDIUM
Network
|
oretnom23
|
computer_laboratory_management_system
|
Incorrect access control in the delete_category function of Sourcecodester Computer Laboratory Management System v1.0 allows authenticated attackers with low-level privileges to arbitrarily delete ca…
|
NVD-CWE-noinfo
|
CVE-2024-41332
|
2024-08-22 03:53 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315209
|
9.8 |
CRITICAL
Network
|
tenda
|
fh1206_firmware
|
A vulnerability was found in Tenda FH1206 1.2.0.8. It has been declared as critical. Affected by this vulnerability is the function fromSafeClientFilter/fromSafeMacFilter/fromSafeUrlFilter. The manip…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7615
|
2024-08-22 03:48 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315210
|
9.8 |
CRITICAL
Network
|
tenda
|
fh1206_firmware
|
A vulnerability was found in Tenda FH1206 1.2.0.8(8155). It has been classified as critical. Affected is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument p…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-7614
|
2024-08-22 03:48 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
