Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ... Result(s) : 33998

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
9.8 2024-02-08 CVE-2023-50061 cve PrestaShop Op'art Easy Redirect >= 1.3.8 and
9.8 2024-02-08 CVE-2024-24213 cve Supabase PostgreSQL v15.1 was discovered to contain a SQL injection vulnerability via the component /pg_meta/default/query. NOTE: the vendor's position is that this is an i...
9.8 2024-02-08 CVE-2024-24321 cve An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via the wizardstep4_ssid_2 parameter in the sub_42DA54 function.
9.8 2024-02-08 CVE-2024-1207 cve The WP Booking Calendar plugin for WordPress is vulnerable to SQL Injection via the 'calendar_request_params[dates_ddmmyy_csv]' parameter in all versions up to, and in...
9.6 2024-02-08 CVE-2023-48974 cve Cross Site Scripting vulnerability in Axigen WebMail prior to 10.3.3.61 allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter.
9.8 2024-02-08 CVE-2024-24018 cve A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass in crafted offset, limit, and sort parameters to perform SQL injection via...
9.8 2024-02-08 CVE-2024-24023 cve A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /...
9.8 2024-02-08 CVE-2024-24024 cve An arbitrary File download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: fileDownload(). An attacker can pass in speci...
9.8 2024-02-08 CVE-2024-24025 cve An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: upload(). An attacker can pass in specially cra...
9.8 2024-02-08 CVE-2024-24026 cve An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions at com.java2nb.system.controller.SysUserController: uploadImg(). An attacker can pass i...
9.8 2024-02-08 CVE-2024-22394 cve An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentic...
9.8 2024-02-08 CVE-2024-24003 cve jshERP v3.3 is vulnerable to SQL Injection. The com.jsh.erp.controller.DepotHeadController: com.jsh.erp.utils.BaseResponseInfo findInOutMaterialCount() function of jshERP does n...
9.8 2024-02-08 CVE-2024-24014 cve A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /n...
9.8 2024-02-08 CVE-2024-24017 cve A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. An attacker can pass crafted offset, limit, and sort parameters to perform SQL injection via /c...
9.8 2024-02-08 CVE-2024-24021 cve A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /...
9.8 2024-02-08 CVE-2024-24202 cve An arbitrary file upload vulnerability in /upgrade/control.php of ZenTao Community Edition v18.10, ZenTao Biz v8.10, and ZenTao Max v4.10 allows attackers to execute arbitrary c...
9.8 2024-02-07 CVE-2023-38995 cve An issue in SCHUHFRIED v.8.22.00 allows remote attacker to obtain the database password via crafted curl command.
9.8 2024-02-07 CVE-2024-24811 cve SQLAlchemyDA is a generic database adapter for ZSQL methods. A vulnerability found in versions prior to 2.2 allows unauthenticated execution of arbitrary SQL statements on the d...
9.8 2024-02-07 CVE-2023-32328 cve IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure protocols in some instances that could allow an attacker on the network to take control of the server. IBM X-...
9.8 2024-02-07 CVE-2023-32330 cve IBM Security Verify Access 10.0.0.0 through 10.0.6.1 uses insecure calls that could allow an attacker on the network to take control of the server. IBM X-Force ID: 254977.
Page(s) : 1 2 3 4 5 6 [7] 8 9 10 11 12 13 14 15 16 17 ... Result(s) : 33998