Author: Angelo Barbosa

A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been declared as critical. This vulnerability affects the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument mac leads to stack-based buffer overflow. This vulnerability was named CVE-2024-3012. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any...

A vulnerability was found in Tenda FH1205 2.0.0.7(775). It has been classified as critical. This affects the function formQuickIndex of the file /goform/QuickIndex. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-3011. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any...

A vulnerability classified as problematic has been found in Cincopa Post Video Players Plugin up to 1.159 on WordPress. This affects an unknown part. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-23515. It is possible to initiate the attack remotely. There is no exploit...

A vulnerability was found in Martyn Chamberlin Don’t Muck My Markup Plugin up to 1.8 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-23510. The attack may be launched remotely. There is no exploit...

A vulnerability was found in Contest Gallery Plugin up to 21.3.2 on WordPress. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2024-30238. The attack can be launched remotely. There is no exploit...