| Page(s) : 1 ... 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 [1455] 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 ... | Result(s) : 328784 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.7 | 2024-12-18 | CVE-2024-52361 | cve | IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can be read by an authenticated user with access to the pod. |
| 6.1 | 2024-12-18 | CVE-2024-25042 | cve | IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). A remote attacker could execute malicious comma... |
| 6.1 | 2024-12-18 | CVE-2024-41752 | cve | IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, woul... |
| 5.2 | 2024-12-18 | CVE-2024-45082 | cve | IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a ... |
| N/A | 2024-12-18 | CVE-2024-55086 | cve | In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be achieved in the plug-in download address in the backend management system. |
| N/A | 2024-12-18 | CVE-2024-55492 | cve | Winmail Server 4.4 is vulnerable to f_user=%22%3E%3Csvg%20onload Cross Site Scripting (XSS). |
| N/A | 2024-12-18 | CVE-2024-55088 | cve | GetSimple CMS CE 3.3.19 is vulnerable to Server-Side Request Forgery (SSRF) in the backend plugin module. |
| N/A | 2024-12-18 | CVE-2024-55089 | cve | Rhymix 2.1.19 is vulnerable to Server-Side Request Forgery (SSRF) in the background import data function. |
| 6.8 | 2024-12-18 | CVE-2024-47104 | cve | IBM i 7.4 and 7.5 is vulnerable to an authenticated user gaining elevated privilege to a physical file. A user with authority to a view can alter the based-on physical file secu... |
| 5.3 | 2024-12-18 | CVE-2024-11291 | cve | The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to Sensitive Information Exposure in all ... |
| 7.5 | 2024-12-18 | CVE-2024-11912 | cve | The Travel Booking WordPress Theme theme for WordPress is vulnerable to blind time-based SQL Injection via the ‘order_id’ parameter in all versions up to, and including, 3.1.6 d... |
| 6.5 | 2024-12-18 | CVE-2024-11926 | cve | The Travel Booking WordPress Theme theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '__stPartnerCreateService... |
| N/A | 2024-12-18 | CVE-2024-49677 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Cramer Bootstrap Buttons allows Reflected XSS.This issue af... |
| N/A | 2024-12-18 | CVE-2024-4995 | cve | Wapro ERP Desktop is vulnerable to MS SQL protocol downgrade request from a server side, what could lead to an unencrypted communication vulnerable to data interception and modi... |
| N/A | 2024-12-18 | CVE-2024-4996 | cve | Use of a hard-coded password for a database administrator account created during Wapro ERP installation allows an attacker to retrieve embedded sensitive data stored in the data... |
| N/A | 2024-12-18 | CVE-2024-51646 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saoshyant Saoshyant Element allows Reflected XSS.This issue affec... |
| N/A | 2024-12-18 | CVE-2024-52485 | cve | Missing Authorization vulnerability in Yudiz Solutions Ltd. WP Menu Image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Menu Imag... |
| N/A | 2024-12-18 | CVE-2024-54270 | cve | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axeptio Axeptio allows PHP Local File Inclusio... |
| N/A | 2024-12-18 | CVE-2024-54350 | cve | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HJYL hmd allows Stored XSS.This issue affects hmd: from n/a throu... |
| N/A | 2024-12-18 | CVE-2024-55975 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Rohit Urane Dr Affiliate allows SQL Injection.This issue affects ... |
| Page(s) : 1 ... 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 [1455] 1456 1457 1458 1459 1460 1461 1462 1463 1464 1465 ... | Result(s) : 328784 |
