Page(s) : 1 ... 244 245 246 247 248 249 250 251 252 253 [254] 255 256 257 258 259 260 261 262 263 264 ... | Result(s) : 43290 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
9.8 | 2023-11-22 | CVE-2023-2449 | cve | The UserPro plugin for WordPress is vulnerable to unauthorized password resets in versions up to, and including 5.1.1. This is due to the plugin using native password reset func... |
9.8 | 2023-11-22 | CVE-2023-5815 | cve | The News & Blog Designer Pack – WordPress Blog Plugin — (Blog Post Grid, Blog Post Slider, Blog Post Carousel, Blog Post Ticker, Blog Post Masonry) plugin for WordPress is vulne... |
9.8 | 2023-11-22 | CVE-2023-5822 | cve | The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'dnd_upload... |
9.8 | 2023-11-22 | CVE-2023-45377 | cve | In the module "Chronopost Official" (chronopost) for PrestaShop, a guest can perform SQL injection. The PHP script `cancelSkybill.php` contains sensitive SQL calls that can be exec... |
9.8 | 2023-11-22 | CVE-2023-46357 | cve | In the module "Cross Selling in Modal Cart" (motivationsale) < 3.5.0 from MyPrestaModules for PrestaShop, a guest can perform SQL injection. The method `motivationsaleDataModel:... |
9.8 | 2023-11-22 | CVE-2023-2889 | cve | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veon Computer Service Tracking Software allows SQL Injection. This... |
9.8 | 2023-11-22 | CVE-2023-37924 | cve | Apache Software Foundation Apache Submarine has an SQL injection vulnerability when a user logs in. This issue can result in unauthorized login. Now we have fixed this issue and... |
9.8 | 2023-11-21 | CVE-2023-48306 | cve | Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.11, 26.0.6, and 27.1.0 of Nextcloud Se... |
9.8 | 2023-11-21 | CVE-2023-48307 | cve | Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. Starting in version 1.13.0 and prior to version 2.2.8 and 3.3.0, an attacker can use an unprot... |
9.8 | 2023-11-21 | CVE-2023-48699 | cve | fastbots is a library for fast bot and scraper development using selenium and the Page Object Model (POM) design. Prior to version 0.1.5, an attacker could modify the locators.i... |
9.8 | 2023-11-21 | CVE-2023-48228 | cve | authentik is an open-source identity provider. When initialising an OAuth2 flow with a `code_challenge` and `code_method` (thus requesting PKCE), the single sign-on provider (aut... |
9.8 | 2023-11-21 | CVE-2023-48230 | cve | Cap'n Proto is a data interchange format and capability-based RPC system. In versions 1.0 and 1.0.1, when using the KJ HTTP library with WebSocket compression enabled, a bu... |
9.8 | 2023-11-21 | CVE-2023-49105 | cve | An issue was discovered in ownCloud owncloud/core before 10.13.1. An attacker can access, modify, or delete any file without authentication if the username of a victim is known,... |
9.8 | 2023-11-21 | CVE-2023-6248 | cve | The Syrus4 IoT gateway utilizes an unsecured MQTT server to download and execute arbitrary commands, allowing a remote unauthenticated attacker to execute code on any Syrus4 dev... |
9.8 | 2023-11-21 | CVE-2023-49060 | cve | An attacker could have accessed internal pages or data by exfiltrating a security key from ReaderMode via the `referrerpolicy` attribute. This vulnerability affects Firefox for... |
9.8 | 2023-11-21 | CVE-2023-5055 | cve | Possible variant of CVE-2021-3434 in function le_ecred_reconf_req. |
9.8 | 2023-11-21 | CVE-2023-42770 | cve | Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enabled (UDR-A) any Sixnet UDR message will meet an authentication challenge over UDP/IP. When the same mess... |
9.8 | 2023-11-21 | CVE-2023-40151 | cve | When user authentication is not enabled the shell can execute commands with the highest privileges. Red Lion SixTRAK and VersaTRAK Series RTUs with authenticated users enable... |
9.8 | 2023-11-20 | CVE-2023-38880 | cve | The Community Edition version 9.0 of OS4ED's openSIS Classic has a broken access control vulnerability in the database backup functionality. Whenever an admin generates a d... |
9.8 | 2023-11-20 | CVE-2023-5340 | cve | The Five Star Restaurant Menu and Food Ordering WordPress plugin before 2.4.11 unserializes user input via an AJAX action available to unauthenticated users, allowing them to pe... |