| Page(s) : 1 ... 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 [1057] 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 ... | Result(s) : 301060 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.5 | 2025-02-03 | CVE-2024-11134 | cve | The Eventer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eventer_export_bookings_csv' function in all ve... |
| N/A | 2025-02-03 | CVE-2024-12511 | cve | With address book access, SMB/FTP settings could be modified, redirecting scans and possibly capturing credentials. This requires enabled scan functions and printer access. |
| 8.8 | 2025-02-03 | CVE-2024-12859 | cve | The BoomBox Theme Extensions plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.8.0 via the 'boombox_listing' shortcode... |
| N/A | 2025-02-03 | CVE-2024-56921 | cve | An issue was discovered in Open5gs v2.7.2. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of gmm_state_exception() ... |
| N/A | 2025-02-03 | CVE-2024-56946 | cve | Denial of service in DNS-over-QUIC in Technitium DNS Server |
| N/A | 2025-02-03 | CVE-2024-57097 | cve | ClassCMS 4.8 is vulnerable to Cross Site Scripting (XSS) in class/admin/channel.php. |
| N/A | 2025-02-03 | CVE-2024-57098 | cve | Moss v0.1.3 version has an SQL injection vulnerability that allows attackers to inject carefully designed payloads into the order parameter. |
| N/A | 2025-02-03 | CVE-2024-57099 | cve | ClassCMS v4.8 has a code execution vulnerability. Attackers can exploit this vulnerability by constructing a payload in the classview parameter of the model management feature, ... |
| N/A | 2025-02-03 | CVE-2024-57450 | cve | ChestnutCMS |
| N/A | 2025-02-03 | CVE-2024-57452 | cve | ChestnutCMS |
| N/A | 2025-02-03 | CVE-2024-57498 | cve | Cross Site Scripting vulnerability in sayski ForestBlog 20241223 allows a remote attacker to escalate privileges via the article editing function. |
| N/A | 2025-02-03 | CVE-2024-57669 | cve | Directory Traversal vulnerability in Zrlog backup-sql-file.jar v.3.0.31 allows a remote attacker to obtain sensitive information via the BackupController.java file. |
| 8.8 | 2025-02-03 | CVE-2024-57968 | cve | Advantive VeraCore before 2024.4.2.1 allows remote authenticated users to upload files to unintended folders (e.g., ones that are accessible during web browsing by other users).... |
| N/A | 2025-02-03 | CVE-2025-22978 | cve | eladmin |
| N/A | 2025-02-03 | CVE-2025-25064 | cve | SQL injection vulnerability in the ZimbraSync Service SOAP endpoint in Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4 due to insufficient sanitization of a ... |
| N/A | 2025-02-03 | CVE-2025-25065 | cve | SSRF vulnerability in the RSS feed parser in Zimbra Collaboration 9.0.0 before Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4 allows unauthorized redirection to inter... |
| 7.5 | 2025-02-03 | CVE-2025-25181 | cve | A SQL injection vulnerability in timeoutWarning.asp in Advantive VeraCore through 2025.1.0 allows remote attackers to execute arbitrary SQL commands via the PmSess1 parameter. |
| N/A | 2025-02-03 | CVE-2023-52163 | cve | Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
| N/A | 2025-02-03 | CVE-2023-52164 | cve | access_device.cgi on Digiever DS-2105 Pro 3.1.0.71-11 devices allows arbitrary file read. NOTE: This vulnerability only affects products that are no longer supported by the main... |
| N/A | 2025-02-03 | CVE-2024-34896 | cve | An issue in Nedis SmartLife Video Doorbell (WIFICDP10GY), Nedis SmartLife IOS v1.4.0 causes users who are disconnected from a previous peer-to-peer connection with the device to... |
| Page(s) : 1 ... 1047 1048 1049 1050 1051 1052 1053 1054 1055 1056 [1057] 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 ... | Result(s) : 301060 |
