9.8
CVE-2024-34945 -
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPW parameter at ip/goform/WizardHandle.
8.8
CVE-2024-34944 -
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.
6.5
CVE-2024-34946 -
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/DhcpListClient.
8.2
CVE-2024-34974 -
Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter.
8.3
CVE-2024-22064 - Configuration error Vulnerability in ZTE ZXUN-ePDG
ZTE ZXUN-ePDG product, which serves as the network node of the VoWifi system, under by default configuration, uses a set of non-unique cryptographic keys during establishing a secure connection(IKE) with the mobile devices connecting over the internet . If the set of keys are leaked or cracked, theβ¦
5.3
CVE-2024-4715 - Campcodes Complete Web-Based School Management System update_grade.php cross site scripting
A vulnerability, which was classified as problematic, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /model/update_grade.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack β¦
6.4
CVE-2024-4490 - Elegant Themes Divi Theme, Extra Theme, Divi Page Builder <= 4.25.0 - Authenticated (Contributor+) β¦
The Elegant Themes Divi theme, Extra theme, and Divi Page Builder plugin for WordPress are vulnerable to DOM-Based Stored Cross-Site Scripting via the βtitleβ parameter in versions up to, and including, 4.25.0 due to insufficient input sanitization and output escaping. This makes it possible for auβ¦
5.3
CVE-2024-4714 - Campcodes Complete Web-Based School Management System update_subject.php cross site scripting
A vulnerability, which was classified as problematic, has been found in Campcodes Complete Web-Based School Management System 1.0. Affected by this issue is some unknown functionality of the file /model/update_subject.php. The manipulation of the argument name leads to cross site scripting. The attβ¦
5.3
CVE-2024-4713 - Campcodes Complete Web-Based School Management System all_teacher.php cross site scripting
A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/all_teacher.php. The manipulation of the argument page leads to cross site scripting. The attack can be launβ¦
6.5
CVE-2024-4039 - Orders Tracking for WooCommerce <= 1.2.10 - Unauthenticated Arbitrary Shortcode Execution
The The Orders Tracking for WooCommerce plugin for WordPress for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.10. This is due to the plugin allowing users to execute an action that does not properly validate a value before running do_shortcode. β¦