|
312571
|
7.5 |
HIGH
Network
|
nepstech
|
ntpl-xpon1gfevn_firmware
|
An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the lack of encryption during login process
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2024-42657
|
2024-08-21 01:13 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312572
|
5.9 |
MEDIUM
Network
|
google
haxx
|
nest_mini_firmware
libcurl
|
The libcurl CURLOPT_SSL_VERIFYPEER option was disabled on a subset of requests made by Nest production devices which enabled a potential man-in-the-middle attack on requests to Google cloud services …
|
NVD-CWE-noinfo
|
CVE-2024-32928
|
2024-08-21 01:13 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312573
|
9.8 |
CRITICAL
Network
|
nepstech
|
ntpl-xpon1gfevn_firmware
|
An issue in wishnet Nepstech Wifi Router NTPL-XPON1GFEVN v1.0 allows a remote attacker to obtain sensitive information via the cookie's parameter
|
NVD-CWE-noinfo
|
CVE-2024-42658
|
2024-08-21 01:12 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312574
|
5.4 |
MEDIUM
Network
|
xwiki
|
xwiki
|
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible for a user without Script or Programming rights to craft a URL pointing to a pa…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43400
|
2024-08-21 01:10 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312575
|
8.0 |
HIGH
Network
|
xwiki
|
xwiki
|
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user without script/programming right can trick a user with elevated rights to edit a conten…
|
CWE-862
Missing Authorization
|
CVE-2024-43401
|
2024-08-21 01:09 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312576
|
7.5 |
HIGH
Network
|
zzcms
|
zzcms
|
A vulnerability was found in ZZCMS 2023. It has been declared as critical. This vulnerability affects unknown code of the file /I/list.php. The manipulation of the argument skin leads to path travers…
|
CWE-22
Path Traversal
|
CVE-2024-7924
|
2024-08-21 01:07 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312577
|
7.5 |
HIGH
Network
|
zzcms
|
zzcms
|
A vulnerability was found in ZZCMS 2023. It has been rated as problematic. This issue affects some unknown processing of the file 3/E_bak5.1/upload/eginfo.php. The manipulation of the argument phome …
|
NVD-CWE-noinfo
|
CVE-2024-7925
|
2024-08-21 01:06 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312578
|
4.8 |
MEDIUM
Network
|
fastadmin
|
fastadmin
|
A vulnerability was found in FastAdmin 1.5.0.20240328. It has been declared as problematic. This vulnerability affects unknown code of the file /[admins_url].php/general/attachment/edit/ids/4?dialog=…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7453
|
2024-08-21 00:50 |
2024-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312579
|
- |
|
-
|
-
|
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability
exists that could cause a crash of the Accutech Manager when receiving a specially crafted
request over p…
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-6918
|
2024-08-21 00:44 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312580
|
- |
|
-
|
-
|
A Cross-Site Request Forgery (CSRF) in the component edit_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
|
-
|
CVE-2024-42578
|
2024-08-21 00:44 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
