Skip to main content
CVE-2024-28713 CRITICAL POC Act Now

An issue in Mblog Blog system v.3.5.0 allows an attacker to execute arbitrary code via a crafted file to the theme management feature. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE Mblog
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.5%
CVE-2024-3041 CRITICAL POC Act Now

A vulnerability has been found in Netentsec NS-ASG Application Security Gateway 6.3 and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Application Security Gateway
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-3040 CRITICAL POC Act Now

A vulnerability, which was classified as critical, was found in Netentsec NS-ASG Application Security Gateway 6.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Application Security Gateway
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-30602 CRITICAL POC Act Now

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedStartTime parameter of the setSchedWifi function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Fh1203 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-30589 CRITICAL POC Act Now

Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability in the entrys parameter of the fromAddressNat function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1202 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-30587 CRITICAL POC Act Now

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the urls parameter of the saveParentControlInfo function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Information Disclosure Fh1202 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-30584 CRITICAL POC Act Now

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Fh1202 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-30596 CRITICAL POC Act Now

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the formSetDeviceName function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Information Disclosure Fh1202 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-30593 CRITICAL POC Act Now

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability located in the deviceName parameter of the formSetDeviceName function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Fh1202 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-30595 CRITICAL POC Act Now

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the addWifiMacFilter function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1202 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2024-3042 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Simple Subscription Website 1.0 and classified as critical.php. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simple Subscription Website
NVD GitHub VulDB
CVSS 3.1
9.1
EPSS
0.6%
CVE-2024-30599 HIGH POC This Week

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the deviceMac parameter of the addWifiMacFilter function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1203 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-30591 HIGH POC This Week

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the time parameter of the saveParentControlInfo function. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1202 Firmware
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-3015 HIGH POC This Week

A vulnerability classified as critical was found in SourceCodester Simple Subscription Website 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simple Subscription Website
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-3014 HIGH POC This Week

A vulnerability classified as critical has been found in SourceCodester Simple Subscription Website 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simple Subscription Website
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-3012 HIGH POC This Week

A vulnerability was found in Tenda FH1205 2.0.0.7(775). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1205 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-3011 HIGH POC This Week

A vulnerability was found in Tenda FH1205 2.0.0.7(775). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1205 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-3010 HIGH POC This Week

A vulnerability was found in Tenda FH1205 2.0.0.7(775) and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1205 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
1.8%
CVE-2024-3009 HIGH POC This Week

A vulnerability has been found in Tenda FH1205 2.0.0.7(775) and classified as critical. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Command Injection Fh1205 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
7.9%
CVE-2024-28714 HIGH POC This Week

SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE SQLi Crmeb Java
NVD GitHub VulDB
CVSS 3.1
8.1
EPSS
0.8%
CVE-2024-30612 HIGH POC This Week

Tenda AC10U v15.03.06.48 has a stack overflow vulnerability in the deviceId, limitSpeed, limitSpeedUp parameter from formSetClientState function. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Ac10U Firmware
NVD GitHub
CVSS 3.1
8.1
EPSS
0.7%
CVE-2024-30601 HIGH POC This Week

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the time parameter of the saveParentControlInfo function. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1203 Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
0.7%
CVE-2024-30600 HIGH POC This Week

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1203 Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
0.7%
CVE-2024-30607 HIGH POC This Week

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the deviceId parameter of the saveParentControlInfo function. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1203 Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
0.7%
CVE-2024-30606 HIGH POC This Week

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the page parameter of the fromDhcpListClient function. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1203 Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
0.7%
CVE-2024-30592 HIGH POC This Week

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the page parameter of the fromAddressNat function. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1202 Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
0.7%
CVE-2024-30583 HIGH POC This Week

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the mitInterface parameter of the fromAddressNat function. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1202 Firmware
NVD GitHub
CVSS 3.1
8.0
EPSS
0.7%
CVE-2024-3024 HIGH POC This Week

A vulnerability was found in appneta tcpreplay up to 4.4.4. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Heap Overflow Buffer Overflow Tcpreplay
NVD VulDB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2024-30604 HIGH POC This Week

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the list1 parameter of the fromDhcpListClient function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Information Disclosure Fh1203 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2024-30226 CRITICAL Act Now

Deserialization of Untrusted Data vulnerability in WPDeveloper BetterDocs.3.3. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. Epss exploitation probability 11.8% and no vendor patch available.

Deserialization Betterdocs
NVD
CVSS 3.1
9.0
EPSS
11.8%
CVE-2024-0672 HIGH POC This Week

The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Pz Linkcard
NVD WPScan
CVSS 3.1
7.1
EPSS
0.5%
CVE-2024-29090 MEDIUM POC This Month

Server-Side Request Forgery (SSRF) vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.1.4. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF Ai Engine
NVD
CVSS 3.1
6.8
EPSS
0.9%
CVE-2024-30603 MEDIUM POC This Month

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the urls parameter of the saveParentControlInfo function. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1203 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-30598 MEDIUM POC This Month

Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security_5g parameter of the formWifiBasicSet function. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1203 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-30597 MEDIUM POC This Month

Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability in the security parameter of the formWifiBasicSet function. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1203 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-30590 MEDIUM POC This Month

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the schedEndTime parameter of the setSchedWifi function. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1202 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-30586 MEDIUM POC This Month

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the security_5g parameter of the formWifiBasicSet function. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1202 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-30585 MEDIUM POC This Month

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the saveParentControlInfo function. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1202 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-29200 MEDIUM POC PATCH This Month

Kimai is a web-based multi-user time-tracking application. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kimai
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2024-30594 MEDIUM POC This Month

Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceMac parameter of the addWifiMacFilter function. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tenda Stack Overflow Fh1202 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
CVE-2024-31063 MEDIUM POC This Month

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Email input field. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Insurance Management System
NVD GitHub
CVSS 3.1
6.4
EPSS
0.9%
CVE-2024-31062 MEDIUM POC This Month

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Insurance Management System
NVD GitHub
CVSS 3.1
6.3
EPSS
0.8%
CVE-2024-31064 MEDIUM POC This Month

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE Insurance Management System
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.9%
CVE-2024-30224 CRITICAL Act Now

Deserialization of Untrusted Data vulnerability in Wholesale Team WholesaleX.3.2. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization Wholesalex
NVD
CVSS 3.1
10.0
EPSS
0.9%
CVE-2024-30225 CRITICAL Act Now

Deserialization of Untrusted Data vulnerability in WPENGINE, INC. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Deserialization
NVD
CVSS 3.1
10.0
EPSS
0.6%
CVE-2024-31065 MEDIUM POC This Month

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Insurance Management System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.8%
CVE-2024-31061 MEDIUM POC This Month

Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Last Name input field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Insurance Management System
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2024-27719 MEDIUM POC This Month

A cross site scripting (XSS) vulnerability in rems FAQ Management System v.1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the Frequently Asked Question field in. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Faq Management System
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-29882 MEDIUM POC PATCH This Month

SRS is a simple, high-efficiency, real-time video server. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Simple Realtime Server
NVD GitHub
CVSS 3.1
6.1
EPSS
1.1%
CVE-2024-0673 MEDIUM POC This Month

The Pz-LinkCard WordPress plugin through 2.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Pz Linkcard
NVD WPScan
CVSS 3.1
6.1
EPSS
0.5%
Page 1 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy