|
256741
|
7.5 |
HIGH
Network
|
barix
|
sip_client_firmware
|
Barix – CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
|
CWE-200
Information Exposure
|
CVE-2024-41700
|
2024-09-4 04:37 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256742
|
7.5 |
HIGH
Network
|
tenda
|
fh1201_firmware
|
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the wanmode parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS)…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-42941
|
2024-09-4 04:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256743
|
7.5 |
HIGH
Network
|
tenda
|
fh1201_firmware
|
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-42940
|
2024-09-4 04:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256744
|
5.4 |
MEDIUM
Network
|
mayurik
|
best_house_rental_management_system
|
A Stored Cross Site Scripting (XSS) vulnerability was found in "manage_houses.php" in SourceCodester Best House Rental Management System v1.0. It allows remote attackers to execute arbitrary code via…
|
CWE-79
Cross-site Scripting
|
CVE-2024-40473
|
2024-09-4 04:35 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256745
|
6.1 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2024-41241
|
2024-09-4 04:35 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256746
|
7.5 |
HIGH
Network
|
hms-networks
|
ewon_cosy\+_firmware
|
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible to leaking information through cookies. This is fixed in vers…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-33892
|
2024-09-4 04:18 |
2024-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256747
|
7.2 |
HIGH
Network
|
hms-networks
|
ewon_cosy\+_firmware
|
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. This is fixed in version 21.2s10 and 22.1s…
|
CWE-78
OS Command
|
CVE-2024-33896
|
2024-09-4 04:02 |
2024-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256748
|
6.6 |
MEDIUM
Physics
|
hms-networks
|
ewon_cosy\+_firmware
|
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration parameters. This is fixed in version 21.2s10 and 22.1s3, the key is n…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-33895
|
2024-09-4 04:02 |
2024-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256749
|
9.8 |
CRITICAL
Network
|
arajajyothibabu
|
school_management_system
|
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php.
|
CWE-89
SQL Injection
|
CVE-2024-42568
|
2024-09-4 03:35 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256750
|
7.5 |
HIGH
Network
|
tenda
|
fh1206_firmware
|
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the modino parameter in the fromPptpUserAdd function. This vulnerability allows attackers to cause a Denial of Service (DoS) v…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-42987
|
2024-09-4 03:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
