| Page(s) : 1 ... 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 [1044] 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 ... | Result(s) : 300803 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-02-03 | CVE-2024-57238 | cve | Prolink 4G LTE Mobile Wi-Fi DL-7203E V4.0.0B05 is vulnerable to SQL Injection in in the /reqproc/proc_get endpoint. The vulnerability allows an attacker to manipulate SQL querie... |
| 5.4 | 2025-02-03 | CVE-2024-11132 | cve | The Eventer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 3.9.9 due to insufficient input sanitization and o... |
| 5.3 | 2025-02-03 | CVE-2024-11133 | cve | The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'handle_pdf_download_request' function in all ve... |
| 6.5 | 2025-02-03 | CVE-2024-11134 | cve | The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eventer_export_bookings_csv' function in all ve... |
| N/A | 2025-02-03 | CVE-2024-12511 | cve | With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access. |
| 8.8 | 2025-02-03 | CVE-2024-12859 | cve | The BoomBox Theme Extensions plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.8.0 via the 'boombox_listing' shortcode... |
| N/A | 2025-02-03 | CVE-2024-56921 | cve | An issue was discovered in Open5gs v2.7.2. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of gmm_state_exception() ... |
| N/A | 2025-02-03 | CVE-2024-56946 | cve | Denial of service in DNS-over-QUIC in Technitium DNS Server |
| N/A | 2025-02-03 | CVE-2024-57097 | cve | ClassCMS 4.8 is vulnerable to Cross Site Scripting (XSS) in class/admin/channel.php. |
| N/A | 2025-02-03 | CVE-2024-57098 | cve | Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter. |
| N/A | 2025-02-03 | CVE-2024-57099 | cve | ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by constructing a payload in the classview parameter of the model management feature, ... |
| N/A | 2025-02-03 | CVE-2024-57450 | cve | ChestnutCMS |
| N/A | 2025-02-03 | CVE-2024-57452 | cve | ChestnutCMS |
| N/A | 2025-02-03 | CVE-2024-57498 | cve | Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function. |
| N/A | 2025-02-03 | CVE-2024-57669 | cve | Directory Traversal vulnerability in Zrlog backup-sql-file.jar v.3.0.31 allows a remote attacker to obtain sensitive information via the BackupController.java file. |
| 8.8 | 2025-02-03 | CVE-2024-57968 | cve | Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users).... |
| N/A | 2025-02-03 | CVE-2025-22978 | cve | eladmin |
| N/A | 2025-02-03 | CVE-2025-25064 | cve | SQL injection vulnerability in the ZimbraSync Service SOAP endpoint in Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4 due to insufficient sanitization of a ... |
| N/A | 2025-02-03 | CVE-2025-25065 | cve | SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to inter... |
| 7.5 | 2025-02-03 | CVE-2025-25181 | cve | A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter. |
| Page(s) : 1 ... 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 [1044] 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 ... | Result(s) : 300803 |
