| Page(s) : 1 ... 15 16 17 18 19 20 21 22 23 24 [25] 26 27 28 29 30 31 32 33 34 35 ... | Result(s) : 198059 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 8.8 | 2021-10-15 | CVE-2021-42334 | cve | The Easytest contains SQL injection vulnerabilities. After obtaining a user’s privilege, remote attackers can inject SQL commands into the parameters of the elective course mana... |
| 5.4 | 2021-10-15 | CVE-2021-42335 | cve | Easytest bulletin board management function of online learning platform does not filter special characters. After obtaining a user’s privilege, remote attackers can inject JavaS... |
| 4.3 | 2021-10-15 | CVE-2021-42336 | cve | The learning history page of the Easytest is vulnerable by permission bypass. After obtaining a user’s permission, remote attackers can access other users’ and administrator’s a... |
| 9.8 | 2021-10-15 | CVE-2021-37736 | cve | A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Ma... |
| 8.8 | 2021-10-15 | CVE-2021-37737 | cve | A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.... |
| 4.3 | 2021-10-15 | CVE-2021-38431 | cve | An authenticated user using Advantech WebAccess SCADA in versions 9.0.3 and prior can use API functions to disclose project names and paths from other users. |
| 4.8 | 2021-10-15 | CVE-2021-39332 | cve | The Business Manager WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization found throughout the plugin which allowe... |
| 4.8 | 2021-10-15 | CVE-2021-39334 | cve | The Job Board Vanila WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via the psjb_exp_in and the psjb_curr_in... |
| 4.8 | 2021-10-15 | CVE-2021-39335 | cve | The WpGenius Job Listing WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ... |
| 4.8 | 2021-10-15 | CVE-2021-39336 | cve | The Job Manager WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/admin-j... |
| 4.8 | 2021-10-15 | CVE-2021-39337 | cve | The job-portal WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/admin/jo... |
| 4.8 | 2021-10-15 | CVE-2021-39338 | cve | The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/c... |
| 4.8 | 2021-10-15 | CVE-2021-39344 | cve | The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/a... |
| 4.8 | 2021-10-15 | CVE-2021-39345 | cve | The HAL WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/wp-hal.php file... |
| 5.5 | 2021-10-15 | CVE-2021-39349 | cve | The Author Bio Box WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via several parameters found in the ~/incl... |
| 4.9 | 2021-10-14 | CVE-2021-32571 | cve | ** UNSUPPORTED WHEN ASSIGNED ** In OSS-RC systems of the release 18B and older during data migration procedures certain files containing usernames and passwords are left in the ... |
| 8.8 | 2021-10-14 | CVE-2021-42369 | cve | Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows SQL injection. A low-privileged user could inject a SQL statement through the "Export to CSV" feature of th... |
| 5.4 | 2021-10-14 | CVE-2021-36387 | cve | In Yellowfin before 9.6.1 there is a Stored Cross-Site Scripting vulnerability in the video embed functionality exploitable through a specially crafted HTTP POST request to the ... |
| 7.5 | 2021-10-14 | CVE-2021-36388 | cve | In Yellowfin before 9.6.1 it is possible to enumerate and download users profile pictures through an Insecure Direct Object Reference vulnerability exploitable by sending a spec... |
| 7.5 | 2021-10-14 | CVE-2021-36389 | cve | In Yellowfin before 9.6.1 it is possible to enumerate and download uploaded images through an Insecure Direct Object Reference vulnerability exploitable by sending a specially c... |
| Page(s) : 1 ... 15 16 17 18 19 20 21 22 23 24 [25] 26 27 28 29 30 31 32 33 34 35 ... | Result(s) : 198059 |
