Venus-WQLab/bug_report

Releases0

Stars2

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-24189 ↗	Feb 24, 2023Friday, 24 February 2023, 22:15	9.8 CRITICAL	—
An XML External Entity (XXE) vulnerability in urule v2.1.7 allows attackers to execute arbitrary code via uploading a crafted XML file to /urule/common/saveFile.
CVE-2023-24212 ↗	Feb 23, 2023Thursday, 23 February 2023, 23:15	9.8 CRITICAL	—
Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the timeType function at /goform/SetSysTimeCfg.
CVE-2023-24187 ↗	Feb 14, 2023Tuesday, 14 February 2023, 02:15	7.8 HIGH	—
An XML External Entity (XXE) vulnerability in ureport v2.2.9 allows attackers to execute arbitrary code via uploading a crafted XML file to /ureport/designer/saveReportFile.
CVE-2023-24188 ↗	Feb 13, 2023Monday, 13 February 2023, 20:15	9.1 CRITICAL	—
ureport v2.2.9 was discovered to contain a directory traversal vulnerability via the deletion function which allows for arbitrary files to be deleted.