Page(s) : 1 ... 277 278 279 280 281 282 283 284 285 286 [287] 288 289 290 291 292 293 294 295 296 297 ... | Result(s) : 43290 |
Alerts
SCORE | DATE | NAME | CATEGORIES | DETAIL |
---|---|---|---|---|
9.8 | 2023-09-28 | CVE-2023-43739 | cve | The 'bookisbn' parameter of the cart.php resource does not validate the characters received and they are sent unfiltered to the database. |
9.8 | 2023-09-28 | CVE-2023-44163 | cve | The 'search' parameter of the process_search.php resource does not validate the characters received and they are sent unfiltered to the database. |
9.8 | 2023-09-28 | CVE-2023-44164 | cve | The 'Email' parameter of the process_login.php resource does not validate the characters received and they are sent unfiltered to the database. |
9.8 | 2023-09-28 | CVE-2023-44166 | cve | The 'age' parameter of the process_registration.php resource does not validate the characters received and they are sent unfiltered to the database. |
9.8 | 2023-09-28 | CVE-2023-43654 | cve | TorchServe is a tool for serving and scaling PyTorch models in production. TorchServe default configuration lacks proper input validation, enabling third parties to invoke remot... |
9.8 | 2023-09-28 | CVE-2023-43013 | cve | Asset Management System v1.0 is vulnerable to an unauthenticated SQL Injection vulnerability on the 'email' parameter of index.php page, allowing an external attack... |
9.8 | 2023-09-28 | CVE-2023-5004 | cve | Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI. |
9.8 | 2023-09-28 | CVE-2023-5053 | cve | Hospital management system version 378c157 allows to bypass authentication. This is possible because the application is vulnerable to SQLI. |
9.1 | 2023-09-28 | CVE-2022-47186 | cve | There is an unrestricted upload of file vulnerability in Generex CS141 below 2.06 version. An attacker could upload and/or delete any type of file, without any format restrictio... |
9.8 | 2023-09-28 | CVE-2023-30415 | cve | Sourcecodester Packers and Movers Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /inquiries/view_inquiry.php. |
9.8 | 2023-09-28 | CVE-2023-43869 | cve | D-Link DIR-619L B1 2.02 is vulnerable to Buffer Overflow via formSetWAN_Wizard56 function. |
9.8 | 2023-09-28 | CVE-2023-38870 | cve | A SQL injection vulnerability exists in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1. The cash book has a feature to list accomplishments by category, and the ... |
9.8 | 2023-09-28 | CVE-2023-44273 | cve | Consensys gnark-crypto through 0.11.2 allows Signature Malleability. This occurs because deserialisation of EdDSA and ECDSA signatures does not ensure that the data is in a cert... |
9.8 | 2023-09-27 | CVE-2023-44080 | cve | An issue in PGYER codefever v.2023.8.14-2ce4006 allows a remote attacker to execute arbitrary code via a crafted request to the branchList component. |
9.8 | 2023-09-27 | CVE-2023-41449 | cve | An issue in phpkobo AjaxNewsTicker v.1.0.5 allows a remote attacker to execute arbitrary code via a crafted payload to the reque parameter. |
9.1 | 2023-09-27 | CVE-2023-20186 | cve | A vulnerability in the Authentication, Authorization, and Accounting (AAA) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker ... |
9.8 | 2023-09-27 | CVE-2023-20252 | cve | A vulnerability in the Security Assertion Markup Language (SAML) APIs of Cisco Catalyst SD-WAN Manager Software could allow an unauthenticated, remote attacker to gain unauthori... |
9.1 | 2023-09-27 | CVE-2023-43652 | cve | JumpServer is an open source bastion host. As an unauthenticated user, it is possible to authenticate to the core API with a username and an SSH public key without needing a pas... |
9.8 | 2023-09-27 | CVE-2023-42818 | cve | JumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. ... |
9.9 | 2023-09-27 | CVE-2023-43651 | cve | JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution.... |