CVE-2022-25605
Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions
Monthly Archive: March 2022
CVE-2022-25604
Authenticated (contributor of higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Price Table plugin (versions
CVE-2022-25603
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in MaxGalleria WordPress plugin (versions 6.2.5). Date published : 2022-03-18 https://patchstack.com/database/vulnerability/maxgalleria/wordpress-maxgalleria-plugin-6-2-5-stored-cross-site-scripting-xss-vulnerability MaxGalleria
CVE-2022-25602
Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions
CVE-2022-25581
Classcms v2.5 and below contains an arbitrary file upload via the component classclassupload. This vulnerability allows attackers to execute code injection via a crafted .txt file. Date published : 2022-03-18 https://github.com/k0xx11/Vulscve/blob/master/classcms2.5-rce.md
CVE-2022-25578
taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file. Date published : 2022-03-18 http://taocms.com https://github.com/taogogo/taocms/issues/28
CVE-2022-25461
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the startip parameter in the SetPptpServerCfg function. Date published : 2022-03-18 https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC6/16
CVE-2022-25460
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the endip parameter in the SetPptpServerCfg function. Date published : 2022-03-18 https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC6/17
CVE-2022-25459
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the S1 parameter in the SetSysTimeCfg function. Date published : 2022-03-18 https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC6/15
CVE-2022-25458
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the cmdinput parameter in the exeCommand function. Date published : 2022-03-18 https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC6/13
CVE-2022-25457
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ntpserver parameter in the SetSysTimeCfg function. Date published : 2022-03-18 https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC6/14
CVE-2022-25456
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the security_5g parameter in the WifiBasicSet function. Date published : 2022-03-18 https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC6/12
CVE-2022-25455
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function. Date published : 2022-03-18 https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC6/11
CVE-2022-25454
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the loginpwd parameter in the SetFirewallCfg function. Date published : 2022-03-18 https://github.com/EPhaha/IOT_vuln/tree/main/Tenda/AC6/10