|
303411
|
- |
|
-
|
-
|
yshopmall V1.0 has an arbitrary file upload vulnerability, which can enable RCE or even take over the server when improperly configured to parse JSP files.
|
-
|
CVE-2024-50648
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303412
|
- |
|
-
|
-
|
The python_food ordering system V1.0 has an unauthorized vulnerability that leads to the leakage of sensitive user information. Attackers can access it through https://ip:port/api/myapp/index/user/in…
|
-
|
CVE-2024-50647
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303413
|
4.3 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in Cisco TelePresence CE and RoomOS could allow an unauthenticated, adjacent attacker to view sensitive information on an affected device.
This vulnerability exists because the aff…
|
CWE-125
Out-of-bounds Read
|
CVE-2023-20094
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303414
|
6.7 |
MEDIUM
Local
|
-
|
-
|
A vulnerability in Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to elevate privileges to root on an affected device.
This vulnerability is due to improper access c…
|
CWE-27
Path Traversal: 'dir/../../filename'
|
CVE-2023-20090
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303415
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct Cypher query language injection attacks on an affe…
|
CWE-943
Improper Neutralization of Special Elements in Data Query Logic
|
CVE-2021-1481
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303416
|
4.9 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system.
This…
|
CWE-20
Improper Input Validation
|
CVE-2021-1470
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303417
|
- |
|
-
|
-
|
A vulnerability in the vDaemon service of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to cause a buffer overflow on an affected system, resulting in a denial …
|
CWE-20
Improper Input Validation
|
CVE-2021-1466
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303418
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization checking and gain restricted access to the configuration information of an …
|
CWE-20
Improper Input Validation
|
CVE-2021-1464
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303419
|
4.4 |
MEDIUM
Local
|
-
|
-
|
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.
These…
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2023-20093
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
303420
|
4.4 |
MEDIUM
Local
|
-
|
-
|
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.
These…
|
-
|
CVE-2023-20092
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
