| Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 105715 |
Alerts
| Date | Name | Categories | Detail | |
|---|---|---|---|---|
| N/A | 2018-04-22 | CVE-2018-10298 | cve | action=newthread because data/template/1_diy_portal_view.tpl.php does not restrict the content. |
| N/A | 2018-04-22 | CVE-2018-10297 | cve | ac=article URI, related to mishandling of IMG elements associated with remote images. |
| N/A | 2018-04-22 | CVE-2018-10296 | cve | MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter. |
| N/A | 2018-04-22 | CVE-2018-10295 | cve | ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account. |
| N/A | 2018-04-22 | CVE-2017-17902 | cve | SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of a new story at the pligg/story.php?title= URI. |
| N/A | 2018-04-22 | CVE-2017-17889 | cve | Kliqqi CMS 3.5.2 has XSS via a crafted group name in pligg/groups.php, a crafted Homepage string in a profile, or a crafted string in Tags or Description within pligg/submit.php. |
| N/A | 2018-04-22 | CVE-2018-9245 | cve | The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote c... |
| N/A | 2018-04-22 | CVE-2018-10286 | cve | The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS admin credentials and the PostgreSQL database credentials to logged-in users via ... |
| N/A | 2018-04-22 | CVE-2018-10285 | cve | The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authenticat... |
| N/A | 2018-04-22 | CVE-2018-10289 | cve | In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of se... |
| N/A | 2018-04-21 | CVE-2018-10268 | cve | An issue was discovered in FastAdmin V1.0.0.20180417_beta. There is XSS via the application\api\controller\User.php avatar parameter. |
| N/A | 2018-04-21 | CVE-2018-10267 | cve | a=add_post URI. |
| N/A | 2018-04-21 | CVE-2018-10266 | cve | admin_p_nav=user URI. |
| N/A | 2018-04-21 | CVE-2018-10265 | cve | An issue was discovered in HongCMS v3.0.0. There is a CSRF vulnerability that can add an administrator account via the admin/index.php/users/save URI. |
| N/A | 2018-04-21 | CVE-2018-10284 | cve | Adaltech G-Ticket v70 EME104 has SQL Injection via the mobile-loja/mensagem.asp eve_cod parameter. |
| N/A | 2018-04-21 | CVE-2018-10283 | cve | CliqueMania loja virtual 14 has SQL Injection via the patch/remote.php id parameter in a recomendar action. |
| N/A | 2018-04-21 | CVE-2018-10126 | cve | LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c. |
| N/A | 2018-04-21 | CVE-2017-15640 | cve | app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter. |
| N/A | 2018-04-21 | CVE-2018-10254 | cve | Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause ... |
| N/A | 2018-04-20 | CVE-2018-10253 | cve | Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls. |
| Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 105715 |
