| Page(s) : 1 ... 156 157 158 159 160 161 162 163 164 165 [166] 167 168 169 170 171 172 173 174 175 176 ... | Result(s) : 298735 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.2 | 2025-05-24 | CVE-2025-5131 | cve | A vulnerability was found in Tmall Demo up to 20250505. It has been declared as critical. This vulnerability affects the function uploadCategoryImage of the file tmall/admin/upl... |
| 8.8 | 2025-05-24 | CVE-2025-5132 | cve | A vulnerability was found in Tmall Demo up to 20250505. It has been rated as problematic. This issue affects some unknown processing of the file tmall/admin/account/logout. The ... |
| 6.1 | 2025-05-24 | CVE-2025-5133 | cve | A vulnerability classified as problematic has been found in Tmall Demo up to 20250505. Affected is an unknown function of the component Search Box. The manipulation leads to cro... |
| 6.1 | 2025-05-24 | CVE-2025-5134 | cve | A vulnerability classified as problematic was found in Tmall Demo up to 20250505. Affected by this vulnerability is an unknown functionality of the component Buy Item Page. The ... |
| 6.1 | 2025-05-24 | CVE-2025-5135 | cve | A vulnerability, which was classified as problematic, has been found in Tmall Demo up to 20250505. Affected by this issue is some unknown functionality of the file /tmall/admin/... |
| N/A | 2025-05-23 | CVE-2025-4692 | cve | Actors can use a maliciously crafted JavaScript object notation (JSON) web token (JWT) to perform privilege escalation by submitting the malicious JWT to a vulnerable method exp... |
| N/A | 2025-05-23 | CVE-2025-2394 | cve | Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access keys and secrets for Alibaba Object Storage Service (OSS), leading to sensitive da... |
| N/A | 2025-05-23 | CVE-2025-5098 | cve | PrinterShare Android application allows the capture of Gmail authentication tokens that can be reused to access a user's Gmail account without proper authorization. |
| N/A | 2025-05-23 | CVE-2025-5099 | cve | An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution. |
| N/A | 2025-05-23 | CVE-2025-5100 | cve | A double-free condition occurs during the cleanup of temporary image files, which can be exploited to achieve memory corruption and potentially arbitrary code execution. |
| N/A | 2025-05-23 | CVE-2025-48701 | cve | openDCIM through 23.04 allows SQL injection in people_depts.php because prepared statements are not used. |
| N/A | 2025-05-23 | CVE-2025-48708 | cve | gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscript before 10.05.1 lacks argument sanitization for the # case. A created PDF document includes its password ... |
| 6.4 | 2025-05-23 | CVE-2025-4594 | cve | The Tournamatch plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'trn-ladder-registration-button' shortcode in all versions up t... |
| N/A | 2025-05-23 | CVE-2025-48695 | cve | An issue was discovered in CyberDAVA before 1.1.20. A privilege escalation vulnerability allows a low-privileged user to escalate their privilege by abusing the following API du... |
| N/A | 2025-05-23 | CVE-2025-47149 | cve | The optional feature 'Anti-Virus & Sandbox' of i-FILTER contains an issue with improper pattern file validation. If exploited, the product may treat an unauthorized pa... |
| 6.4 | 2025-05-23 | CVE-2025-5096 | cve | The TablePress plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the 'data-caption', 'data-s-content-padding', 'data-s-tit... |
| N/A | 2025-05-23 | CVE-2024-13945 | cve | Stored Absolute Path Traversal vulnerabilities in ASPECT could expose sensitive data if administrator credentials become compromised. This issue affects ASPECT-Enterprise: thr... |
| N/A | 2025-05-23 | CVE-2025-4379 | cve | DobryCMS in versions 2.* and lower is vulnerable to Reflected Cross-Site Scripting (XSS). Improper input validation in szukaj parameter allows arbitrary JavaScript to be execute... |
| N/A | 2025-05-23 | CVE-2025-36527 | cve | Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports. |
| N/A | 2025-05-23 | CVE-2025-3893 | cve | While editing pages managed by MegaBIP a user with high privileges is prompted to give a reasoning for performing this action. Input provided by the the user is not sanitized, l... |
| Page(s) : 1 ... 156 157 158 159 160 161 162 163 164 165 [166] 167 168 169 170 171 172 173 174 175 176 ... | Result(s) : 298735 |
