8.8
CVE-2024-3909 - Tenda AC500 execCommand formexeCommand stack-based overflow
A vulnerability classified as critical was found in Tenda AC500 2.0.1.9(1307). Affected by this vulnerability is the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The explβ¦
6.3
CVE-2024-3908 - Tenda AC500 WriteFacMac formWriteFacMac command injection
A vulnerability classified as critical has been found in Tenda AC500 2.0.1.9(1307). Affected is the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the argument mac leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosedβ¦
8.8
CVE-2024-3907 - Tenda AC500 setcfm formSetCfm stack-based overflow
A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been rated as critical. This issue affects the function formSetCfm of the file /goform/setcfm. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been dβ¦
7.7
CVE-2023-51418 - WordPress JVM rich text icons plugin <= 1.2.6 - Arbitrary File Deletion vulnerability
Missing Authorization vulnerability in Joris van Montfort JVM rich text icons.This issue affects JVM rich text icons: from n/a through 1.2.6.
7.7
CVE-2023-51500 - WordPress Uncode Core plugin <= 2.8.8 - Arbitrary File Deletion vulnerability
Missing Authorization vulnerability in Undsgn Uncode Core.This issue affects Uncode Core: from n/a through 2.8.8.
8.8
CVE-2024-3906 - Tenda AC500 QuickIndex formQuickIndex stack-based overflow
A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been declared as critical. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack can be initiated remotely.β¦
8.8
CVE-2024-3905 - Tenda AC500 execCommand R7WebsSecurityHandler stack-based overflow
A vulnerability was found in Tenda AC500 2.0.1.9(1307). It has been classified as critical. This affects the function R7WebsSecurityHandler of the file /goform/execCommand. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to initiate the attack remotelyβ¦
8.6
CVE-2022-47151 - WordPress JS Help Desk plugin <= 2.7.1 - Unauth. SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JS Help Desk JS Help Desk β Best Help Desk & Support Plugin.This issue affects JS Help Desk β Best Help Desk & Support Plugin: from n/a through 2.7.1.
6.5
CVE-2022-41698 - WordPress If Menu β Visibility control for Menus plugin <= 0.16.3 - Broken Access Control
Missing Authorization vulnerability in Layered If Menu.This issue affects If Menu: from n/a through 0.16.3.
5.3
CVE-2024-1350 - WordPress Honeypot for WP Comment plugin <= 2.2.3 - Arbitrary File Deletion vulnerability
Missing Authorization vulnerability in Prasidhda Malla Honeypot for WP Comment.This issue affects Honeypot for WP Comment: from n/a through 2.2.3.