0.0
CVE-2024-24863 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. CVE-2024-24863 has been replaced byΒ CVE-2024-36014.
0.0
CVE-2024-24862 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
6.3
CVE-2024-3740 - cym1102 nginxWebUI reload exec deserialization
A vulnerability, which was classified as critical, has been found in cym1102 nginxWebUI up to 3.9.9. This issue affects the function exec of the file /adminPage/conf/reload. The manipulation of the argument nginxExe leads to deserialization. The attack may be initiated remotely. The exploit has beeβ¦
6.3
CVE-2024-3739 - cym1102 nginxWebUI upload os command injection
A vulnerability classified as critical was found in cym1102 nginxWebUI up to 3.9.9. This vulnerability affects unknown code of the file /adminPage/main/upload. The manipulation of the argument file leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed tβ¦
7.3
CVE-2024-3738 - cym1102 nginxWebUI saveCmd handlePath certificate validation
A vulnerability classified as critical has been found in cym1102 nginxWebUI up to 3.9.9. This affects the function handlePath of the file /adminPage/conf/saveCmd. The manipulation of the argument nginxPath leads to improper certificate validation. It is possible to initiate the attack remotely. Theβ¦
6.3
CVE-2024-3737 - cym1102 nginxWebUI addOver findCountByQuery path traversal
A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been rated as critical. Affected by this issue is the function findCountByQuery of the file /adminPage/www/addOver. The manipulation of the argument dir leads to path traversal. The attack may be launched remotely. The exploit has β¦
4.3
CVE-2024-3736 - cym1102 nginxWebUI upload unrestricted upload
A vulnerability was found in cym1102 nginxWebUI up to 3.9.9. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /adminPage/main/upload. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been discloβ¦
6.3
CVE-2024-3735 - Smart Office Main.aspx weak password
A vulnerability was found in Smart Office up to 20240405. It has been classified as problematic. Affected is an unknown function of the file Main.aspx. The manipulation of the argument New Password/Confirm Password with the input 1 leads to weak password requirements. It is possible to launch the aβ¦
6.3
CVE-2024-3721 - TBK DVR-4104/DVR-4216 os command injection
A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiatβ¦
6.3
CVE-2024-3720 - Tianwell Fire Intelligent Command Platform API Interface page sql injection
A vulnerability has been found in Tianwell Fire Intelligent Command Platform 1.1.1.1 and classified as critical. This vulnerability affects unknown code of the file /mfsNotice/page of the component API Interface. The manipulation of the argument gsdwid leads to sql injection. The attack can be initβ¦