Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 688 689 690 691 692 693 694 695 696 697 [698] 699 700 701 702 703 704 705 706 707 708 ... Result(s) : 43439

Alerts Feed Alerts

DATE NAME CATEGORIES DETAIL
9.8 2021-11-09 CVE-2021-43193 cve In JetBrains TeamCity before 2021.1.2, remote code execution via the agent push functionality is possible.
9.8 2021-11-08 CVE-2021-42371 cve lpar2rrd is a hardcoded system account in XoruX LPAR2RRD and STOR2RRD before 7.30.
9.8 2021-11-08 CVE-2021-42077 cve PHP Event Calendar before 2021-09-03 allows SQL injection, as demonstrated by the /server/ajax/user_manager.php username parameter. This can be used to execute SQL statements di...
9.8 2021-11-08 CVE-2021-34684 cve Hitachi Vantara Pentaho Business Analytics through 9.1 allows an unauthenticated user to execute arbitrary SQL queries on any Pentaho data source and thus retrieve data from the...
9.8 2021-11-08 CVE-2021-30132 cve Cloudera Manager 7.2.4 has Incorrect Access Control, allowing Escalation of Privileges.
9.8 2021-11-08 CVE-2021-24827 cve The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthent...
9.8 2021-11-08 CVE-2021-24731 cve The Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation Codes WordPress plugin before 3.7.1.6 does not properly escape user dat...
9 2021-11-08 CVE-2021-24693 cve The Simple Download Monitor WordPress plugin before 3.9.5 does not escape the "File Thumbnail" post meta before outputting it in some pages, which could allow users with a role ...
9.8 2021-11-08 CVE-2021-28024 cve Unauthorized system access in the login form in ServiceTonic Helpdesk software version < 9.0.35937 allows attacker to login without using a password.
9.8 2021-11-08 CVE-2021-28023 cve Arbitrary file upload in Service import feature in ServiceTonic Helpdesk software version < 9.0.35937 allows a malicious user to execute JSP code by uploading a zip that extract...
9.8 2021-11-05 CVE-2021-35368 cve OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname.
9.1 2021-11-05 CVE-2021-42359 cve WP DSGVO Tools (GDPR)
9.8 2021-11-05 CVE-2021-42665 cve An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication.
9.8 2021-11-05 CVE-2021-42668 cve A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter in the my_classmates.php web page.. As a result, an attacker can extra...
9.8 2021-11-05 CVE-2020-22225 cve Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoadForm function.
9.8 2021-11-05 CVE-2021-42669 cve A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboard_teacher.php, which allows changing the avatar through teacher_avatar.php. Once ...
9.8 2021-11-05 CVE-2021-42837 cve An issue was discovered in Talend Data Catalog before 7.3-20210930. After setting up SAML/OAuth, authentication is not correctly enforced on the native login page. Any valid use...
9.8 2021-11-05 CVE-2021-42667 cve A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability ...
9.8 2021-11-05 CVE-2020-22226 cve Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function.
9.8 2021-11-05 CVE-2020-22223 cve Stivasoft (Phpjabbers) Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionLoad function.
Page(s) : 1 ... 688 689 690 691 692 693 694 695 696 697 [698] 699 700 701 702 703 704 705 706 707 708 ... Result(s) : 43439