| Page(s) : 1 ... 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 [1031] 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 ... | Result(s) : 327069 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-12 | CVE-2025-26346 | cve | A CWE-89 "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" in maxprofile/menu/model.lua (editUserGroupMenu endpoint) in Q-Free Max... |
| N/A | 2025-02-12 | CVE-2025-26347 | cve | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/menu/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote at... |
| N/A | 2025-02-12 | CVE-2025-26348 | cve | A CWE-89 "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')" in maxprofile/menu/model.lua (editUserMenu endpoint) in Q-Free MaxTime ... |
| N/A | 2025-02-12 | CVE-2025-26349 | cve | A CWE-23 "Relative Path Traversal" in the file upload mechanism in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to overwrite arbit... |
| N/A | 2025-02-12 | CVE-2025-26350 | cve | A CWE-434 "Unrestricted Upload of File with Dangerous Type" in the template file uploads in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote at... |
| N/A | 2025-02-12 | CVE-2025-26351 | cve | A CWE-35 "Path Traversal" in the template download mechanism in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive fil... |
| N/A | 2025-02-12 | CVE-2025-26352 | cve | A CWE-35 "Path Traversal" in the template deletion mechanism in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive f... |
| N/A | 2025-02-12 | CVE-2025-26353 | cve | A CWE-35 "Path Traversal" in maxtime/api/sql/sql.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive files via c... |
| N/A | 2025-02-12 | CVE-2025-26354 | cve | A CWE-35 "Path Traversal" in maxtime/api/database/database.lua (copy endpoint) in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to ... |
| N/A | 2025-02-12 | CVE-2025-26355 | cve | A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to delete sensitive... |
| N/A | 2025-02-12 | CVE-2025-26356 | cve | A CWE-35 "Path Traversal" in maxtime/api/database/database.lua (setActive endpoint) in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacke... |
| N/A | 2025-02-12 | CVE-2025-26357 | cve | A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to read sensitive f... |
| N/A | 2025-02-12 | CVE-2025-26358 | cve | A CWE-20 "Improper Input Validation" in ldbMT.so in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated remote attacker to modify system configuration vi... |
| N/A | 2025-02-12 | CVE-2025-26359 | cve | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remot... |
| N/A | 2025-02-12 | CVE-2025-26360 | cve | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated re... |
| N/A | 2025-02-12 | CVE-2025-26361 | cve | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote a... |
| N/A | 2025-02-12 | CVE-2025-26362 | cve | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote a... |
| N/A | 2025-02-12 | CVE-2025-26363 | cve | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote a... |
| N/A | 2025-02-12 | CVE-2025-26364 | cve | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote a... |
| N/A | 2025-02-12 | CVE-2025-26365 | cve | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote a... |
| Page(s) : 1 ... 1021 1022 1023 1024 1025 1026 1027 1028 1029 1030 [1031] 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 ... | Result(s) : 327069 |
