Autore: Angelo Barbosa

A vulnerability, which was classified as critical, was found in Tenda AC15V1.0 15.03.20_multi. Affected is the function doSystemCmd of the file /goform/setUsbUnload. The manipulation of the argument deviceName leads to command injection. This vulnerability is traded as CVE-2024-30645. It is possible to launch the attack remotely. Furthermore, there is an exploit...

A vulnerability, which was classified as critical, has been found in Stilog Visual Planning 8. This issue affects some unknown processing of the component Administrative API Token Handler. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2023-49231. The attack can only be done within the local network. There is no exploit...

A vulnerability classified as problematic was found in Winter CMS 1.2.3. This vulnerability affects unknown code of the component CMS Pages Field/Plugin. The manipulation leads to injection. This vulnerability was named CVE-2024-29686. The attack can be initiated remotely. Furthermore, there is an exploit...

A vulnerability classified as critical has been found in workos authkit-nextjs up to 0.4.1. This affects an unknown part. The manipulation of the argument x-workos-session leads to authentication bypass by capture-replay. This vulnerability is uniquely identified as CVE-2024-29901. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected...

A vulnerability was found in electron packager 18.3.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Environment Variable Handler. The manipulation of the argument environment leads to transmission of private resources into a new sphere (‘resource leak’). This vulnerability is handled as CVE-2024-29900. The attack may be launched remotely. There is no exploit...