Aggregator

Submit #785563 / VDB-355406

Submit #785554 / VDB-355405

Submit #785552 / VDB-355404

Submit #785551 / VDB-355403

Submit #785538 / VDB-355402

Submit #785537 / VDB-355401

A vulnerability identified as critical has been detected in Tenda i12 1.0.0.11(3862). Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wl_radio causes stack-based buffer overflow. The identification of this vulnerability is CVE-2026-5609. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability categorized as critical has been discovered in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer overflow. This vulnerability was named CVE-2026-5608. The attack may be performed from remote. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #785536 / VDB-327182

Submit #785337 / VDB-355400

Submit #785519 / VDB-296466

Submit #785338 / VDB-350654

Submit #785336 / VDB-350655

Submit #785335 / VDB-300532

Submit #785334 / VDB-296469

Submit #785322 / VDB-350653

A vulnerability, which was classified as problematic, has been found in EventPrime Events EventPrime Plugin up to 4.0.4.5 on WordPress. Affected is an unknown function. This manipulation causes open redirect. This vulnerability is registered as CVE-2024-47648. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability was found in NinjaTeam Multi Step for Contact Form Plugin up to 2.7.7 on WordPress. It has been declared as critical. The affected element is an unknown function. Executing a manipulation can lead to sql injection. This vulnerability is tracked as CVE-2024-47331. The attack can be launched remotely. No exploit exists.

A vulnerability was found in QuomodoSoft ElementsReady Addons for Elementor Plugin up to 6.4.2 on WordPress. It has been rated as problematic. The impacted element is an unknown function. The manipulation leads to open redirect. This vulnerability is listed as CVE-2024-47353. The attack may be initiated remotely. There is no available exploit.

A vulnerability categorized as critical has been discovered in Revmakx Backup and Staging by WP Time Capsule Plugin up to 1.22.21 on WordPress. This affects an unknown function. The manipulation results in sql injection. This vulnerability is cataloged as CVE-2024-48020. The attack may be launched remotely. There is no exploit available.