Total
22260 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46353 | 1 Mypresta | 1 Product Tag Icons Pro | 2023-12-09 | N/A | 9.8 CRITICAL |
| In the module "Product Tag Icons Pro" (ticons) before 1.8.4 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The method TiconProduct::getTiconByProductAndTicon() has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection. | |||||
| CVE-2023-48823 | 1 Mayurik | 1 Courier Management System | 2023-12-09 | N/A | 9.8 CRITICAL |
| A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an unauthenticated attacker to inject a payload via the email parameter during login. | |||||
| CVE-2023-49999 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setUmountUSBPartition. | |||||
| CVE-2023-50001 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formUpgradeMeshOnline. | |||||
| CVE-2023-50000 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formResetMeshNode. | |||||
| CVE-2023-49403 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the function setFixTools. | |||||
| CVE-2023-49410 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function via the function set_wan_status. | |||||
| CVE-2023-49402 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function localMsg. | |||||
| CVE-2023-50002 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formRebootMeshNode. | |||||
| CVE-2023-49428 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName. | |||||
| CVE-2023-49426 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg. | |||||
| CVE-2023-49408 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name. | |||||
| CVE-2023-49406 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execution vulnerability via the function /goform/telnet. | |||||
| CVE-2023-49436 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList. | |||||
| CVE-2023-49429 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the 'setDeviceInfo' feature through the 'mac' parameter at /goform/setModules. | |||||
| CVE-2023-49404 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet. | |||||
| CVE-2023-49405 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg. | |||||
| CVE-2023-49411 | 1 Tenda | 2 W30e, W30e Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode. | |||||
| CVE-2023-49431 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'mac' parameter at /goform/SetOnlineDevName. | |||||
| CVE-2023-49435 | 1 Tenda | 2 Ax9, Ax9 Firmware | 2023-12-09 | N/A | 9.8 CRITICAL |
| Tenda AX9 V22.03.01.46 is vulnerable to command injection. | |||||