| Page(s) : 1 ... 651 652 653 654 655 656 657 658 659 660 [661] 662 663 664 665 666 667 668 669 670 671 ... | Result(s) : 43432 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2022-01-31 | CVE-2020-36064 | cve | Online Course Registration v1.0 was discovered to contain hardcoded credentials in the source code which allows attackers access to the control panel if compromised. |
| 9.8 | 2022-01-31 | CVE-2021-23520 | cve | The package juce-framework/juce before 6.1.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) via the ZipFile::uncompressEntry function in juce_ZipFile.c... |
| 9.8 | 2022-01-31 | CVE-2021-31617 | cve | In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, 3.8.0 through 3.11.8, and 4.0.1 through 4.2.2, mishandling of memor... |
| 9.8 | 2022-01-31 | CVE-2022-24263 | cve | Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter. |
| 9.8 | 2022-01-30 | CVE-2021-46660 | cve | Signiant Manager+Agents before 15.1 allows XML External Entity (XXE) attacks. |
| 9.8 | 2022-01-30 | CVE-2022-0339 | cve | Server-Side Request Forgery (SSRF) in Pypi calibreweb prior to 0.6.16. |
| 9 | 2022-01-29 | CVE-2022-24123 | cve | MarkText through 0.16.3 does not sanitize the input of a mermaid block before rendering. This could lead to Remote Code Execution via a .md file containing a mutation Cross-Site... |
| 9.8 | 2022-01-28 | CVE-2021-40408 | cve | An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2], based on DDNS type, the ddns->u... |
| 9.8 | 2022-01-28 | CVE-2020-25905 | cve | An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in (1) login.php or (2) LoginAsAdmin.php. |
| 9.8 | 2022-01-28 | CVE-2021-40409 | cve | An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.136_20121102. At [1] or [2], based on DDNS type, the ddns->p... |
| 9.8 | 2022-01-28 | CVE-2022-22992 | cve | A command injection remote code execution vulnerability was discovered on Western Digital My Cloud Devices that could allow an attacker to execute arbitrary system commands on t... |
| 9.8 | 2022-01-28 | CVE-2021-46448 | cve | H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/customers.php?page=1&cID. |
| 9.8 | 2022-01-28 | CVE-2022-22994 | cve | A remote code execution vulnerability was discovered on Western Digital My Cloud devices where an attacker could trick a NAS device into loading through an unsecured HTTP call. ... |
| 9.8 | 2022-01-28 | CVE-2021-46446 | cve | H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_access_group_edit&aagID. |
| 9.8 | 2022-01-28 | CVE-2021-23558 | cve | The package bmoor before 0.10.1 are vulnerable to Prototype Pollution due to missing sanitization in set function. **Note:** This vulnerability derives from an incomplete fix in... |
| 9.8 | 2022-01-28 | CVE-2021-23760 | cve | The package keyget from 0.0.0 are vulnerable to Prototype Pollution via the methods set, push, and at which could allow an attacker to cause a denial of service and may lead to ... |
| 9.8 | 2022-01-28 | CVE-2022-21217 | cve | An out-of-bounds write vulnerability exists in the device TestEmail functionality of reolink RLC-410W v3.0.0.136_20121102. A specially-crafted network request can lead to an out... |
| 9.8 | 2022-01-28 | CVE-2021-46445 | cve | H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/categories.php?box_group_id. |
| 9.8 | 2022-01-28 | CVE-2021-23484 | cve | The package zip-local before 0.3.5 are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip) which can lead to an extraction of a crafted file outside the intende... |
| 9.8 | 2022-01-28 | CVE-2021-46444 | cve | H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_group_edit&agID. |
| Page(s) : 1 ... 651 652 653 654 655 656 657 658 659 660 [661] 662 663 664 665 666 667 668 669 670 671 ... | Result(s) : 43432 |
