| Page(s) : 1 ... 620 621 622 623 624 625 626 627 628 629 [630] 631 632 633 634 635 636 637 638 639 640 ... | Result(s) : 43431 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-03-22 | CVE-2022-25517 | cve | MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerability via the Column parameter in /core/conditions/AbstractWrapper.java. NOTE: the vendor's position i... |
| 9.8 | 2022-03-22 | CVE-2022-27228 | cve | In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site Manager, a remote unauthenticated attacker can execute arbitrary code. |
| 9.8 | 2022-03-22 | CVE-2021-41736 | cve | Faust v2.35.0 was discovered to contain a heap-buffer overflow in the function realPropagate() at propagate.cpp. |
| 9.8 | 2022-03-22 | CVE-2021-43650 | cve | WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter used to set the username during the login process. |
| 9.8 | 2022-03-22 | CVE-2022-26189 | cve | TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the langType parameter in the login interface. |
| 9.8 | 2022-03-22 | CVE-2022-26188 | cve | TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via /setting/NTPSyncWithHost. |
| 9.8 | 2022-03-22 | CVE-2022-26187 | cve | TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the pingCheck function. |
| 9.8 | 2022-03-22 | CVE-2022-26186 | cve | TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection vulnerability via the exportOvpn interface at cstecgi.cgi. |
| 9.8 | 2022-03-21 | CVE-2022-26283 | cve | Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the view_plan endpoint. This vulnerability allows attackers to d... |
| 9.8 | 2022-03-21 | CVE-2022-26285 | cve | Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the apply endpoint. This vulnerability allows attackers to dump ... |
| 9.8 | 2022-03-21 | CVE-2022-0747 | cve | The Infographic Maker WordPress plugin before 4.3.8 does not validate and escape the post_id parameter before using it in a SQL statement via the qcld_upvote_action AJAX action ... |
| 9.8 | 2022-03-21 | CVE-2022-25505 | cve | Taocms v3.0.2 was discovered to contain a SQL injection vulnerability via the id parameter in \include\Model\Category.php. |
| 9.1 | 2022-03-21 | CVE-2021-45878 | cve | Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by incorrect access control. Lack of access control on the web manger pages allows any user to view and modify informa... |
| 9.8 | 2022-03-21 | CVE-2021-45877 | cve | Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by hard coded credentials. A hardcoded credential exist in /etc/tomcat8/tomcat-user.xml, which allows attackers to gai... |
| 9.8 | 2022-03-21 | CVE-2021-45876 | cve | Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection. The url parameter of the function module downloadAndUpdate is vulnerable to an c... |
| 9.8 | 2022-03-21 | CVE-2022-24766 | cve | mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.4 and below, a malicious client or server is able to perform HTTP request smuggling attacks thr... |
| 9.8 | 2022-03-21 | CVE-2022-0760 | cve | The Simple Link Directory WordPress plugin before 7.7.2 does not validate and escape the post_id parameter before using it in a SQL statement via the qcopd_upvote_action AJAX ac... |
| 9.1 | 2022-03-21 | CVE-2022-0591 | cve | The FormCraft WordPress plugin before 3.8.28 does not validate the URL parameter in the formcraft3_get AJAX action, leading to SSRF issues exploitable by unauthenticated users |
| 9.1 | 2022-03-21 | CVE-2022-26960 | cve | connector.minimal.php in std42 elFinder through 2.1.60 is affected by path traversal. This allows unauthenticated remote attackers to read, write, and browse files outside the c... |
| 9.8 | 2022-03-21 | CVE-2022-26284 | cve | Simple Client Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the manage_client endpoint. This vulnerability allows attack... |
| Page(s) : 1 ... 620 621 622 623 624 625 626 627 628 629 [630] 631 632 633 634 635 636 637 638 639 640 ... | Result(s) : 43431 |
