Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_0007db78 function with the request /goform/SetNetControlList/ Date published : 2022-09-23 https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/formSetQosBand.md
Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList Date published : 2022-09-23 https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/formSetQosBand.md
Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request ‘goform/setPortMapping/’. This vulnerability allows attackers to cause a Denial of Service (DoS) or Remote Code Execution (RCE) via the...
Tenda AC18 router contained a stack overflow vulnerability in /goform/fast_setting_wifi_set Date published : 2022-09-23 https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC18/form_fast_setting_wifi_set.md
Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set Date published : 2022-09-23 https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/form_fast_setting_wifi_set.md
Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat. Date published : 2022-09-23 https://github.com/CPSeek/Router-vuls/blob/main/Tenda/AC15/addressNat.md
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within...
HashiCorp Consul and Consul Enterprise up to 1.11.8, 1.12.4, and 1.13.1 do not check for multiple SAN URI values in a CSR on the internal RPC endpoint, enabling leverage of privileged access to bypass...
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CPO Shortcodes plugin
Cross-Site Request Forgery (CSRF) vulnerability in Rate my Post – WP Rating System plugin
This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200-PRIME QUAD-100 between 19.1.1 to 22.20.1 (inclusive), due to improper session management in the Tacitine Firewall web-based management interface. An unauthenticated remote...
This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200-PRIME QUAD-100 between 19.1.1 to 22.20.1 (inclusive), due to insecure design in the Tacitine Firewall web-based management interface. An unauthenticated remote attacker...
This vulnerability exists in Tacitine Firewall, all versions of EN6200-PRIME QUAD-35 and EN6200-PRIME QUAD-100 between 19.1.1 to 22.20.1 (inclusive), due to improper control of code generation in the Tacitine Firewall web-based management interface. An...
Cross site scripting (XSS) vulnerability in kfm through 1.4.7 via crafted GET request to /kfm/index.php. Date published : 2022-09-23 https://code.google.com/archive/p/kfm/downloads https://cxsecurity.com/issue/WLB-2022090057
