Vulnerability ID : CVE-2024-27957

First published on : 17-03-2024 17:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Unrestricted Upload of File with Dangerous Type vulnerability in Pie Register.This issue affects Pie Register: from n/a through 3.8.3.1.

CVE ID : CVE-2024-27957
Source : audit@patchstack.com
CVSS Score : 10.0

References :
https://patchstack.com/database/vulnerability/pie-register/wordpress-pie-register-plugin-3-8-3-1-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-434

Vulnerability ID : CVE-2024-2546

First published on : 17-03-2024 02:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256999. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2546
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/A18/fromSetWirelessRepeat_a.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256999 | source : cna@vuldb.com
https://vuldb.com/?id.256999 | source : cna@vuldb.com

Vulnerability : CWE-121

Vulnerability ID : CVE-2024-2547

First published on : 17-03-2024 04:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function R7WebsSecurityHandler. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257000. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2547
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/R7WebsSecurityHandler.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257000 | source : cna@vuldb.com
https://vuldb.com/?id.257000 | source : cna@vuldb.com

Vulnerability : CWE-121

Vulnerability ID : CVE-2024-2558

First published on : 17-03-2024 09:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in Tenda AC18 15.03.05.05. It has been rated as critical. This issue affects the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257057 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2558
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/formexeCommand.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257057 | source : cna@vuldb.com
https://vuldb.com/?id.257057 | source : cna@vuldb.com

Vulnerability : CWE-121

Vulnerability ID : CVE-2024-2566

First published on : 17-03-2024 15:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240313. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file api/client/get_extension_yl.php. The manipulation of the argument imei leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257065 was assigned to this vulnerability.

CVE ID : CVE-2024-2566
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://h0e4a0r1t.github.io/2024/vulns/Fujian%20Kelixin%20Communication%20Co.,%20Ltd.%20Command%20and%20Dispatch%20Platform%20SQL%20Injection%20Vulnerability-get_extension_yl.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.257065 | source : cna@vuldb.com
https://vuldb.com/?id.257065 | source : cna@vuldb.com

Vulnerability : CWE-89

Vulnerability ID : CVE-2024-27958

First published on : 17-03-2024 17:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Visualizer allows Reflected XSS.This issue affects Visualizer: from n/a through 3.10.5.

CVE ID : CVE-2024-27958
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/visualizer/wordpress-visualizer-plugin-3-10-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79

Vulnerability ID : CVE-2024-27959

First published on : 17-03-2024 17:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS.This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management: from n/a through 4.2.9.

CVE ID : CVE-2024-27959
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/woosquare/wordpress-apiexperts-square-for-woocommerce-plugin-4-2-9-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79

Vulnerability ID : CVE-2024-27960

First published on : 17-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution Email Subscription Popup allows Stored XSS.This issue affects Email Subscription Popup: from n/a through 1.2.20.

CVE ID : CVE-2024-27960
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/email-subscribe/wordpress-email-subscription-popup-plugin-1-2-20-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79

Vulnerability ID : CVE-2024-27961

First published on : 17-03-2024 17:15:07
Last modified on : 17-03-2024 22:38:29

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS.This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0.

CVE ID : CVE-2024-27961
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/cf7-antispam/wordpress-antispam-for-contact-form-7-plugin-0-6-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79

Vulnerability ID : CVE-2024-2534

First published on : 17-03-2024 00:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as critical, was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. This affects an unknown part of the file /admin/users.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256971. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2534
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20users.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256971 | source : cna@vuldb.com
https://vuldb.com/?id.256971 | source : cna@vuldb.com

Vulnerability : CWE-89

Vulnerability ID : CVE-2024-2554

First published on : 17-03-2024 05:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability has been found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file update-employee.php. The manipulation of the argument admin_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257053 was assigned to this vulnerability.

CVE ID : CVE-2024-2554
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#3sql-injection-vulnerability-in-update-employeephp | source : cna@vuldb.com
https://vuldb.com/?ctiid.257053 | source : cna@vuldb.com
https://vuldb.com/?id.257053 | source : cna@vuldb.com

Vulnerability : CWE-89

Vulnerability ID : CVE-2024-2555

First published on : 17-03-2024 07:15:05
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in SourceCodester Employee Task Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file update-admin.php. The manipulation of the argument admin_id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-257054 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-2555
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-update-adminphp | source : cna@vuldb.com
https://vuldb.com/?ctiid.257054 | source : cna@vuldb.com
https://vuldb.com/?id.257054 | source : cna@vuldb.com

Vulnerability : CWE-89

Vulnerability ID : CVE-2024-2556

First published on : 17-03-2024 08:15:05
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in SourceCodester Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file attendance-info.php. The manipulation of the argument user_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257055.

CVE ID : CVE-2024-2556
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/tht1997/WhiteBox/blob/main/sourcecodesters/employee-management-system-php-attendance-info.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257055 | source : cna@vuldb.com
https://vuldb.com/?id.257055 | source : cna@vuldb.com

Vulnerability : CWE-89

Vulnerability ID : CVE-2024-2561

First published on : 17-03-2024 11:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as critical, has been found in 74CMS 3.28.0. Affected by this issue is the function sendCompanyLogo of the file /controller/company/Index.php#sendCompanyLogo of the component Company Logo Handler. The manipulation of the argument imgBase64 leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257060.

CVE ID : CVE-2024-2561
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://gist.github.com/Southseast/9f5284d8ee0f6d91e72eef73b285512a | source : cna@vuldb.com
https://vuldb.com/?ctiid.257060 | source : cna@vuldb.com
https://vuldb.com/?id.257060 | source : cna@vuldb.com

Vulnerability : CWE-434

Vulnerability ID : CVE-2024-2562

First published on : 17-03-2024 12:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as critical, was found in PandaXGO PandaX up to 20240310. This affects the function InsertRole of the file /apps/system/services/role_menu.go. The manipulation of the argument roleKey leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257061 was assigned to this vulnerability.

CVE ID : CVE-2024-2562
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/PandaXGO/PandaX/issues/4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.257061 | source : cna@vuldb.com
https://vuldb.com/?id.257061 | source : cna@vuldb.com

Vulnerability : CWE-89

Vulnerability ID : CVE-2024-2564

First published on : 17-03-2024 14:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in PandaXGO PandaX up to 20240310 and classified as critical. This issue affects the function ExportUser of the file /apps/system/api/user.go. The manipulation of the argument filename leads to path traversal: '../filedir'. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257063.

CVE ID : CVE-2024-2564
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/PandaXGO/PandaX/issues/6 | source : cna@vuldb.com
https://vuldb.com/?ctiid.257063 | source : cna@vuldb.com
https://vuldb.com/?id.257063 | source : cna@vuldb.com

Vulnerability : CWE-24

Vulnerability ID : CVE-2024-2565

First published on : 17-03-2024 15:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in PandaXGO PandaX up to 20240310. It has been classified as critical. Affected is an unknown function of the file /apps/system/router/upload.go of the component File Extension Handler. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257064.

CVE ID : CVE-2024-2565
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/PandaXGO/PandaX/issues/5 | source : cna@vuldb.com
https://vuldb.com/?ctiid.257064 | source : cna@vuldb.com
https://vuldb.com/?id.257064 | source : cna@vuldb.com

Vulnerability : CWE-434

Vulnerability ID : CVE-2024-2563

First published on : 17-03-2024 12:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability has been found in PandaXGO PandaX up to 20240310 and classified as critical. This vulnerability affects the function DeleteImage of the file /apps/system/router/upload.go. The manipulation of the argument fileName with the input ../../../../../../../../../tmp/1.txt leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-257062 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-2563
Source : cna@vuldb.com
CVSS Score : 5.4

References :
https://github.com/PandaXGO/PandaX/pull/3 | source : cna@vuldb.com
https://vuldb.com/?ctiid.257062 | source : cna@vuldb.com
https://vuldb.com/?id.257062 | source : cna@vuldb.com

Vulnerability : CWE-24

Vulnerability ID : CVE-2024-2557

First published on : 17-03-2024 09:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability was found in kishor-23 Food Waste Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/admin.php. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257056. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2557
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://github.com/vanitashtml/CVE-Dumps/blob/main/Execute%20After%20Redirect%20-%20Food%20Management%20System.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257056 | source : cna@vuldb.com
https://vuldb.com/?id.257056 | source : cna@vuldb.com

Vulnerability : CWE-285

Vulnerability ID : CVE-2024-2559

First published on : 17-03-2024 10:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability classified as problematic has been found in Tenda AC18 15.03.05.05. Affected is the function fromSysToolReboot of the file /goform/SysToolReboot. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257058 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2559
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromSysToolReboot.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257058 | source : cna@vuldb.com
https://vuldb.com/?id.257058 | source : cna@vuldb.com

Vulnerability : CWE-352

Vulnerability ID : CVE-2024-2560

First published on : 17-03-2024 11:15:06
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability classified as problematic was found in Tenda AC18 15.03.05.05. Affected by this vulnerability is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257059. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2560
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Tenda/AC18/fromSysToolRestoreSet.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257059 | source : cna@vuldb.com
https://vuldb.com/?id.257059 | source : cna@vuldb.com

Vulnerability : CWE-352

Vulnerability ID : CVE-2024-24867

First published on : 17-03-2024 16:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Osamaesh WP Visitor Statistics (Real Time Traffic).This issue affects WP Visitor Statistics (Real Time Traffic): from n/a through 6.9.4.

CVE ID : CVE-2024-24867
Source : audit@patchstack.com
CVSS Score : 5.3

References :
https://patchstack.com/database/vulnerability/wp-stats-manager/wordpress-wp-stats-manager-plugin-6-9-4-sensitive-data-exposure-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200

Vulnerability ID : CVE-2024-25933

First published on : 17-03-2024 16:15:08
Last modified on : 17-03-2024 22:38:29

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7.

CVE ID : CVE-2024-25933
Source : audit@patchstack.com
CVSS Score : 5.3

References :
https://patchstack.com/database/vulnerability/pepro-ultimate-invoice/wordpress-peprodev-ultimate-invoice-plugin-1-9-7-sensitive-data-exposure-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200

Vulnerability ID : CVE-2024-25591

First published on : 17-03-2024 17:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Benjamin Rojas WP Editor.This issue affects WP Editor: from n/a through 1.2.7.

CVE ID : CVE-2024-25591
Source : audit@patchstack.com
CVSS Score : 5.3

References :
https://patchstack.com/database/vulnerability/wp-editor/wordpress-wp-editor-plugin-1-2-7-sensitive-data-exposure-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200

Vulnerability ID : CVE-2024-25903

First published on : 17-03-2024 17:15:06
Last modified on : 17-03-2024 22:38:29

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager.This issue affects Frontend File Manager: from n/a through 22.7.

CVE ID : CVE-2024-25903
Source : audit@patchstack.com
CVSS Score : 5.3

References :
https://patchstack.com/database/vulnerability/nmedia-user-file-uploader/wordpress-frontend-file-manager-plugin-plugin-22-7-sensitive-data-exposure-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200

Vulnerability ID : CVE-2024-2535

First published on : 17-03-2024 01:15:50
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/users.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-256972. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-2535
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20users.php.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.256972 | source : cna@vuldb.com
https://vuldb.com/?id.256972 | source : cna@vuldb.com

Vulnerability : CWE-79

Vulnerability ID : CVE-2024-2553

First published on : 17-03-2024 04:15:07
Last modified on : 17-03-2024 22:38:29

Description :
A vulnerability, which was classified as problematic, was found in SourceCodester Product Review Rating System 1.0. Affected is an unknown function of the component Rate Product Handler. The manipulation of the argument Your Name/Comment leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257052.

CVE ID : CVE-2024-2553
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/BurakSevben/CVEs/blob/main/Product%20Rating%20System/Product%20Rating%20System%20-%20Cross-Site-Scripting-1.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257052 | source : cna@vuldb.com
https://vuldb.com/?id.257052 | source : cna@vuldb.com

Vulnerability : CWE-79

Vulnerability ID : CVE-2024-2567

First published on : 17-03-2024 21:15:05
Last modified on : 17-03-2024 22:38:29

Description :
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as problematic, was found in jurecapuder AndroidWeatherApp 1.0.0 on Android. Affected is an unknown function of the file androidmanifest.xml of the component Backup File Handler. The manipulation leads to exposure of backup file to an unauthorized control sphere. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. VDB-257070 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: The code maintainer was contacted early about this disclosure but did not respond in any way. Instead the GitHub repository got deleted after a few days. We have to assume that the product is not supported anymore.

CVE ID : CVE-2024-2567
Source : cna@vuldb.com
CVSS Score : 1.8

References :
https://github.com/ctflearner/Android_Findings/blob/main/AndroidWeatherApp/Android_backup.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.257070 | source : cna@vuldb.com
https://vuldb.com/?id.257070 | source : cna@vuldb.com

Vulnerability : CWE-530