| Page(s) : 1 ... 429 430 431 432 433 434 435 436 437 438 [439] 440 441 442 443 444 445 446 447 448 449 ... | Result(s) : 325197 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-04-21 | CVE-2025-29287 | cve | An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary code via uploading a crafted file. |
| N/A | 2025-04-21 | CVE-2025-28367 | cve | mojoPortal |
| N/A | 2025-04-21 | CVE-2025-28121 | cve | code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) in feedback.php via the "q" parameter allowing remote attackers to execute arbitrary c... |
| N/A | 2025-04-21 | CVE-2025-28104 | cve | Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input. |
| N/A | 2025-04-21 | CVE-2025-28103 | cve | Incorrect access control in laskBlog v2.6.1 allows attackers to arbitrarily delete user accounts via a crafted request. |
| N/A | 2025-04-21 | CVE-2025-28102 | cve | A cross-site scripting (XSS) vulnerability in flaskBlog v2.6.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the postContent para... |
| N/A | 2025-04-21 | CVE-2025-28099 | cve | opencms V2.3 is vulnerable to Arbitrary file read in src/main/webapp/view/admin/document/dataPage.jsp, |
| N/A | 2025-04-21 | CVE-2025-27086 | cve | A vulnerability in the HPE Performance Cluster Manager (HPCM) GUI could allow an attacker to bypass authentication. |
| N/A | 2025-04-21 | CVE-2025-25228 | cve | A SQL injection in VirtueMart component 1.0.0 - 4.4.7 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the product management area ... |
| N/A | 2025-04-21 | CVE-2025-2517 | cve | Reference to Expired Domain Vulnerability in OpenTextâ„¢ ArcSight Enterprise Security Manager. |
| N/A | 2025-04-21 | CVE-2025-23174 | cve | CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
| N/A | 2025-04-21 | CVE-2025-2298 | cve | An improper authorization vulnerability in Dremio Software allows authenticated users to delete arbitrary files that the system has access to, including system files and files s... |
| N/A | 2025-04-21 | CVE-2025-0632 | cve | Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW) allows a remote attacker to obtain sensitive data via arbitrary code execution.... |
| N/A | 2025-04-21 | CVE-2024-57394 | cve | The quarantine - restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 allows user to restore a malicious file to an arbitrary file path. Attackers can... |
| N/A | 2025-04-21 | CVE-2024-42699 | cve | Cross Site Scripting vulnerability in Create/Modify article function in Alkacon OpenCMS 17.0 allows remote attacker to inject javascript payload via image title sub-field in the... |
| N/A | 2025-04-21 | CVE-2024-41446 | cve | A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the imag... |
| N/A | 2025-04-21 | CVE-2024-12863 | cve | Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system. |
| N/A | 2025-04-21 | CVE-2024-12862 | cve | Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators... |
| N/A | 2025-04-21 | CVE-2024-12543 | cve | User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to po... |
| 9.8 | 2025-04-20 | CVE-2025-43955 | cve | TwsCachedXPathAPI in Convertigo through 8.3.4 does not restrict the use of commons-jxpath APIs. |
| Page(s) : 1 ... 429 430 431 432 433 434 435 436 437 438 [439] 440 441 442 443 444 445 446 447 448 449 ... | Result(s) : 325197 |
