| Page(s) : 1 ... 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 [1113] 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 ... | Result(s) : 301260 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-27 | CVE-2024-12436 | cve | The WP Customer Area WordPress plugin through 8.2.4 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CS... |
| N/A | 2025-01-27 | CVE-2024-12773 | cve | The Altra Side Menu WordPress plugin through 2.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks |
| N/A | 2025-01-27 | CVE-2024-12774 | cve | The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF ... |
| N/A | 2025-01-27 | CVE-2024-13052 | cve | The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cr... |
| N/A | 2025-01-27 | CVE-2024-13055 | cve | The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting... |
| N/A | 2025-01-27 | CVE-2024-13056 | cve | The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting... |
| N/A | 2025-01-27 | CVE-2024-13057 | cve | The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to ma... |
| N/A | 2025-01-27 | CVE-2024-13094 | cve | The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting w... |
| N/A | 2025-01-27 | CVE-2024-13095 | cve | The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks |
| N/A | 2025-01-27 | CVE-2024-13116 | cve | The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-S... |
| N/A | 2025-01-27 | CVE-2024-13117 | cve | The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded |
| N/A | 2025-01-27 | CVE-2024-43445 | cve | A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnera... |
| N/A | 2025-01-27 | CVE-2024-43446 | cve | An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This issue affects... |
| N/A | 2025-01-27 | CVE-2025-24389 | cve | Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator. T... |
| N/A | 2025-01-27 | CVE-2025-24390 | cve | A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This i... |
| N/A | 2025-01-27 | CVE-2024-52012 | cve | Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in ... |
| 5.5 | 2025-01-27 | CVE-2025-24814 | cve | Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default... |
| 5.4 | 2025-01-27 | CVE-2023-46187 | cve | IBM InfoSphere Master Data Management 11.6, 12.0, and 14.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in th... |
| 2.4 | 2025-01-27 | CVE-2024-28766 | cve | IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in furth... |
| 4.8 | 2025-01-27 | CVE-2024-28770 | cve | IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies. Attacke... |
| Page(s) : 1 ... 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 [1113] 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 ... | Result(s) : 301260 |
