|
256811
|
7.5 |
HIGH
Network
|
tenda
|
fh1201_firmware
|
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the page parameter in the fromP2pListFilter function. This vulnerability allows attackers to cause a Denial of Service (DoS…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-42940
|
2024-09-4 04:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256812
|
5.4 |
MEDIUM
Network
|
mayurik
|
best_house_rental_management_system
|
A Stored Cross Site Scripting (XSS) vulnerability was found in "manage_houses.php" in SourceCodester Best House Rental Management System v1.0. It allows remote attackers to execute arbitrary code via…
|
CWE-79
Cross-site Scripting
|
CVE-2024-40473
|
2024-09-4 04:35 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256813
|
6.1 |
MEDIUM
Network
|
lopalopa
|
responsive_school_management_system
|
A Reflected Cross Site Scripting (XSS) vulnerability was found in " /smsa/admin_login.php" in Kashipara Responsive School Management System v3.2.0, which allows remote attackers to execute arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2024-41241
|
2024-09-4 04:35 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256814
|
7.5 |
HIGH
Network
|
hms-networks
|
ewon_cosy\+_firmware
|
Insecure Permissions vulnerability in Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are susceptible to leaking information through cookies. This is fixed in vers…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-33892
|
2024-09-4 04:18 |
2024-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256815
|
7.2 |
HIGH
Network
|
hms-networks
|
ewon_cosy\+_firmware
|
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are vulnerable to code injection due to improper parameter blacklisting. This is fixed in version 21.2s10 and 22.1s…
|
CWE-78
OS Command
|
CVE-2024-33896
|
2024-09-4 04:02 |
2024-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256816
|
6.6 |
MEDIUM
Physics
|
hms-networks
|
ewon_cosy\+_firmware
|
Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 use a unique key to encrypt the configuration parameters. This is fixed in version 21.2s10 and 22.1s3, the key is n…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-33895
|
2024-09-4 04:02 |
2024-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256817
|
9.8 |
CRITICAL
Network
|
arajajyothibabu
|
school_management_system
|
School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the transport parameter at vehicle.php.
|
CWE-89
SQL Injection
|
CVE-2024-42568
|
2024-09-4 03:35 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256818
|
7.5 |
HIGH
Network
|
tenda
|
fh1206_firmware
|
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the modino parameter in the fromPptpUserAdd function. This vulnerability allows attackers to cause a Denial of Service (DoS) v…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-42987
|
2024-09-4 03:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256819
|
9.8 |
CRITICAL
Network
|
tenda
|
fh1206_firmware
|
An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request.
|
NVD-CWE-noinfo
|
CVE-2024-42978
|
2024-09-4 03:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256820
|
7.5 |
HIGH
Network
|
tenda
|
fh1201_firmware
|
Tenda FH1201 v1.2.0.14 (408) was discovered to contain a stack overflow via the delno parameter in the fromPptpUserSetting function. This vulnerability allows attackers to cause a Denial of Service (…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-42948
|
2024-09-4 03:35 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
