Submit #446639: EnGenius ENS500-AC 3.7.20 Command Injection [Accepted]
Submit #446639 / VDB-285977
Aggregator
Submit #446638: EnGenius ENS500-AC 3.7.20 Command Injection [Accepted]
9 months 3 weeks ago
Submit #446638 / VDB-285976
liutong
Submit #446637: EnGenius ENS500-AC 3.7.20 Command Injection [Accepted]
9 months 3 weeks ago
Submit #446637 / VDB-285975
liutong
Submit #446633: EnGenius ENS500-AC 3.7.20 Command Injection [Accepted]
9 months 3 weeks ago
Submit #446633 / VDB-285974
liutong
Submit #446629: EnGenius ENS500-AC 3.7.20 Command Injection [Accepted]
9 months 3 weeks ago
Submit #446629 / VDB-285973
liutong
Submit #446623: EnGenius ENS500 3.7.20 Command Injection [Accepted]
9 months 3 weeks ago
Submit #446623 / VDB-285972
liutong
微软必应墙纸应用被指含有类似恶意程序的功能
9 months 3 weeks ago
微软最近通过 Windows Store 发布了墙纸应用 Bing Wallpaper,用 Bing 的每日图片更换用户的桌面背景。研究了该墙纸应用的开发者报告它含有类似恶意程序的功能。它会自动安装 Bing Visual Search,解密保存在其它浏览器的 cookie 代码,地理位置 Web API,它还会尝试将 Edge 设置为默认系统浏览器。如果默认浏览器不是 Edge,它会在稍后打开默认浏览器,要求启用之前安装的 Microsoft Bing Search for Chrome 扩展。
The TechBeat: Lumoz RaaS Introduces Layer 2 Solution on Move Ecosystem (11/24/2024)
9 months 3 weeks ago
Bangkok busts SMS Blaster sending 1 million scam texts from a van
9 months 3 weeks ago
The Thai police, working together with Thailand's largest telecommunications service provider, Advanced Info Service (AIS), located and busted the Chinese operators of an SMS blaster device that spammed fraudulent messages across Bangkok. [...]
Bill Toulas
CVE-2024-11650 | Tenda i9 1.0.0.8(3828) /goform/GetIPTV websReadEvent null pointer dereference
9 months 3 weeks ago
A vulnerability was found in Tenda i9 1.0.0.8(3828) and classified as critical. This issue affects the function websReadEvent of the file /goform/GetIPTV. The manipulation leads to null pointer dereference.
The identification of this vulnerability is CVE-2024-11650. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-11649 | 1000 Projects Beauty Parlour Management System 1.0 search-appointment.php searchdata sql injection
9 months 3 weeks ago
A vulnerability has been found in 1000 Projects Beauty Parlour Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/search-appointment.php. The manipulation of the argument searchdata leads to sql injection.
This vulnerability was named CVE-2024-11649. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-11648 | 1000 Projects Beauty Parlour Management System 1.0 /admin/add-customer.php name sql injection
9 months 3 weeks ago
A vulnerability, which was classified as critical, was found in 1000 Projects Beauty Parlour Management System 1.0. This affects an unknown part of the file /admin/add-customer.php. The manipulation of the argument name leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-11648. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-11647 | 1000 Projects Beauty Parlour Management System 1.0 view-appointment.php viewid sql injection
9 months 3 weeks ago
A vulnerability, which was classified as critical, has been found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/view-appointment.php. The manipulation of the argument viewid leads to sql injection.
This vulnerability is handled as CVE-2024-11647. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2024-11646 | 1000 Projects Beauty Parlour Management System 1.0 /admin/edit-services.php sername sql injection
9 months 3 weeks ago
A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-services.php. The manipulation of the argument sername leads to sql injection.
This vulnerability is known as CVE-2024-11646. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #446592: Tenda i9 V1.0.0.8(3828) NULL Pointer Dereference [Accepted]
9 months 3 weeks ago
Submit #446592 / VDB-285971
xiaobor123
Submit #451245: 1000 Projects Beauty Parlour Management System PHP SQLite Project V1.0 SQL Injection [Accepted]
9 months 3 weeks ago
Submit #451245 / VDB-285970
zhugeaozun
Submit #447291: 1000 Projects Beauty Parlour Management System PHP SQLite Project V1.0 SQL Injection [Accepted]
9 months 3 weeks ago
Submit #447291 / VDB-285969
Calmgh06
Submit #446576: 1000 Projects Beauty Parlour Management System PHP SQLite Project V1.0 Non-SQL Invokable Control Element with Excessive Number of Data [Accepted]
9 months 3 weeks ago
Submit #446576 / VDB-285968
src123202411
Submit #446575: 1000 Projects Beauty Parlour Management System PHP SQLite Project V1.0 SQL Injection [Accepted]
9 months 3 weeks ago
Submit #446575 / VDB-285967
polaris0x1
CVE-2018-6220 | Trend Micro Email Encryption Gateway 5.5 injection (EDB-44166)
9 months 3 weeks ago
A vulnerability has been found in Trend Micro Email Encryption Gateway 5.5 and classified as critical. This vulnerability affects unknown code. The manipulation leads to injection.
This vulnerability was named CVE-2018-6220. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com