| Page(s) : 1 ... 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 [1142] 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 ... | Result(s) : 327297 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-01-27 | CVE-2024-12774 | cve | The Altra Side Menu WordPress plugin through 2.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete arbitrary menu via a CSRF ... |
| N/A | 2025-01-27 | CVE-2024-13052 | cve | The Dental Optimizer Patient Generator App WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cr... |
| N/A | 2025-01-27 | CVE-2024-13055 | cve | The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting... |
| N/A | 2025-01-27 | CVE-2024-13056 | cve | The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting... |
| N/A | 2025-01-27 | CVE-2024-13057 | cve | The Dyn Business Panel WordPress plugin through 1.0.0 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to ma... |
| N/A | 2025-01-27 | CVE-2024-13094 | cve | The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting w... |
| N/A | 2025-01-27 | CVE-2024-13095 | cve | The WP Triggers Lite WordPress plugin through 2.5.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks |
| N/A | 2025-01-27 | CVE-2024-13116 | cve | The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-S... |
| N/A | 2025-01-27 | CVE-2024-13117 | cve | The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded |
| N/A | 2025-01-27 | CVE-2024-43445 | cve | A vulnerability exists in OTRS and ((OTRS Community Edition)) that fail to set the HTTP response header X-Content-Type-Options to nosniff. An attacker could exploit this vulnera... |
| N/A | 2025-01-27 | CVE-2024-43446 | cve | An improper privilege management vulnerability in OTRS Generic Interface module allows change of the Ticket status even if the user only has ro permissions. This issue affects... |
| N/A | 2025-01-27 | CVE-2025-24389 | cve | Certain errors of the upstream libraries will insert sensitive information in the OTRS or ((OTRS)) Community Edition log mechanism and mails send to the system administrator. T... |
| N/A | 2025-01-27 | CVE-2025-24390 | cve | A vulnerability in OTRS Application Server and reverse proxy settings allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. This i... |
| N/A | 2025-01-27 | CVE-2024-52012 | cve | Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in ... |
| 5.5 | 2025-01-27 | CVE-2025-24814 | cve | Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default... |
| 5.4 | 2025-01-27 | CVE-2023-46187 | cve | IBM InfoSphere Master Data Management 11.6, 12.0, and 14.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in th... |
| 7.5 | 2025-01-27 | CVE-2024-28766 | cve | IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in furth... |
| 6.5 | 2025-01-27 | CVE-2024-28770 | cve | IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies. Attacke... |
| 6.5 | 2025-01-27 | CVE-2024-28771 | cve | IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 does not set the secure attribute on authorization tokens or session cookies. Attacke... |
| 6.1 | 2025-01-27 | CVE-2025-0721 | cve | A vulnerability classified as problematic has been found in needyamin image_gallery 1.0. This affects the function image_gallery of the file /view.php. The manipulation of the a... |
| Page(s) : 1 ... 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 [1142] 1143 1144 1145 1146 1147 1148 1149 1150 1151 1152 ... | Result(s) : 327297 |
