For individuals | HunCERT group

21 Feb 2024

Riasztás

NA - CVE-2024-25461 - Directory Traversal vulnerability in Terrasoft,...

Directory Traversal vulnerability in Terrasoft, Creatio Terrasoft CRM v.7.18.4.1532 allows a remote attacker to obtain sensitive information via a crafted request to the terrasoft.axd component.

security-database.com

21 Feb 2024

Riasztás

NA - CVE-2024-26310 - Archer Platform 6.8 before 6.14 P2 (6.14.0.2)...

Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnerability. A remote authenticated malicious user could potentially exploit this to gain access to API...

security-database.com

21 Feb 2024

Riasztás

NA - CVE-2024-26311 - Archer Platform 6.x before 6.14 P2 HF1...

Archer Platform 6.x before 6.14 P2 HF1 (6.14.0.2.1) contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this by tricking a victim...

security-database.com

21 Feb 2024

Riasztás

NA - CVE-2023-24330 - Command Injection vulnerability in D-Link Dir...

Command Injection vulnerability in D-Link Dir 882 with firmware version DIR882A1_FW130B06 allows attackers to run arbitrary commands via crafted POST request to /HNAP1/.

security-database.com

21 Feb 2024

Riasztás

NA - CVE-2023-24331 - Command Injection vulnerability in D-Link Dir...

Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04 allows attackers to run arbitrary commands via the urlAdd parameter.

security-database.com

21 Feb 2024

Riasztás

NA - CVE-2023-24332 - A stack overflow vulnerability in Tenda AC6...

A stack overflow vulnerability in Tenda AC6 with firmware version US_AC6V5.0re_V03.03.02.01_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/PowerSaveSet.

security-database.com

21 Feb 2024

Riasztás

NA - CVE-2023-24333 - A stack overflow vulnerability in Tenda AC21...

A stack overflow vulnerability in Tenda AC21 with firmware version US_AC21V1.0re_V16.03.08.15_cn_TDC01 allows attackers to run arbitrary commands via crafted POST request to /goform/openSchedWifi.

security-database.com

21 Feb 2024

Riasztás

NA - CVE-2023-24334 - A stack overflow vulnerability in Tenda AC23...

A stack overflow vulnerability in Tenda AC23 with firmware version US_AC23V1.0re_V16.03.07.45_cn_TDC01 allows attackers to run arbitrary commands via schedStartTime parameter.

security-database.com

21 Feb 2024

Riasztás

NA - CVE-2023-37177 - SQL Injection vulnerability in PMB Services PMB...

SQL Injection vulnerability in PMB Services PMB v.7.4.7 and before allows a remote unauthenticated attacker to execute arbitrary code via the query parameter in the /admin/convert/export_z3950.php...

security-database.com

21 Feb 2024

Riasztás

NA - CVE-2023-38844 - SQL injection vulnerability in PMB v.7.4.7 and...

SQL injection vulnerability in PMB v.7.4.7 and earlier allows a remote attacker to execute arbitrary code via the thesaurus parameter in export_skos.php.

security-database.com

Phone:	+36 1 279 6222 9am to 4pm
E-mail:	@email
Address:	H-1111 Budapest, Kende u. 13-17.