| Page(s) : 1 ... 330 331 332 333 334 335 336 337 338 339 [340] 341 342 343 344 345 346 347 348 349 350 ... | Result(s) : 324821 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-05-05 | CVE-2025-45615 | cve | Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain access to Admin rights via a crafted request. |
| N/A | 2025-05-05 | CVE-2025-45614 | cve | Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to access sensitive information via a crafted payload. |
| N/A | 2025-05-05 | CVE-2025-45613 | cve | Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to access sensitive information via a crafted payload. |
| N/A | 2025-05-05 | CVE-2025-45612 | cve | Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted GET request to /index. |
| N/A | 2025-05-05 | CVE-2025-45611 | cve | Incorrect access control in the /user/edit/ component of hope-boot v1.0.0 allows attackers to bypass authentication via a crafted GET request. |
| N/A | 2025-05-05 | CVE-2025-45610 | cve | Incorrect access control in the component /scheduleLog/info/1 of PassJava-Platform v3.0.0 allows attackers to access sensitive information via a crafted payload. |
| N/A | 2025-05-05 | CVE-2025-45609 | cve | Incorrect access control in the doFilter function of kob latest v1.0.0-SNAPSHOT allows attackers to access sensitive information via a crafted payload. |
| N/A | 2025-05-05 | CVE-2025-45608 | cve | Incorrect access control in the /system/user/findUserList API of Xinguan v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload. |
| N/A | 2025-05-05 | CVE-2025-45607 | cve | An issue in the component /manage/ of itranswarp v2.19 allows attackers to bypass authentication via a crafted request. |
| 8.8 | 2025-05-05 | CVE-2025-45322 | cve | kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in osms/Requester/CheckStatus.php via the checkid parameter. |
| 8.8 | 2025-05-05 | CVE-2025-45321 | cve | kashipara Online Service Management Portal V1.0 is vulnerable to SQL Injection in /osms/Requester/Requesterchangepass.php via the parameter: rPassword. |
| 5.3 | 2025-05-05 | CVE-2025-45320 | cve | A Directory Listing Vulnerability was found in the /osms/Requester/ directory of the Kashipara Online Service Management Portal V1.0. |
| N/A | 2025-05-05 | CVE-2025-45242 | cve | Rhymix v2.1.22 was discovered to contain an arbitrary file deletion vulnerability via the procFileAdminEditImage method in /file/file.admin.controller.php. |
| N/A | 2025-05-05 | CVE-2025-45240 | cve | foxcms v1.2.5 was discovered to contain a SQL injection vulnerability via the executeCommand method in DataBackup.php. |
| N/A | 2025-05-05 | CVE-2025-45239 | cve | An issue in the restores method (DataBackup.php) of foxcms v2.0.6 allows attackers to execute a directory traversal. |
| N/A | 2025-05-05 | CVE-2025-45238 | cve | foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the delRestoreSerie method. |
| N/A | 2025-05-05 | CVE-2025-45237 | cve | Incorrect access control in the component /config/download of DBSyncer v2.0.6 allows attackers to access the JSON file containing sensitive account information, including the en... |
| N/A | 2025-05-05 | CVE-2025-45236 | cve | A stored cross-site scripting (XSS) vulnerability in the Edit Profile feature of DBSyncer v2.0.6 allows attackers to execute arbitrary web scripts or HTML via injecting a crafte... |
| 9.8 | 2025-05-05 | CVE-2025-45042 | cve | Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet function. |
| 9.8 | 2025-05-05 | CVE-2025-44074 | cve | SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.php. |
| Page(s) : 1 ... 330 331 332 333 334 335 336 337 338 339 [340] 341 342 343 344 345 346 347 348 349 350 ... | Result(s) : 324821 |
