| Page(s) : 1 ... 61 62 63 64 65 66 67 68 69 70 [71] 72 73 74 75 76 77 78 79 80 81 ... | Result(s) : 287478 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.5 | 2025-03-20 | CVE-2025-2539 | cve | The File Away plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajax() function in all versions up to, and including, 3.... |
| N/A | 2025-03-20 | CVE-2025-29101 | cve | Tenda AC8V4.0 V16.03.34.06 was discovered to contain a stack overflow via the deviceid parameter in the get_parentControl_list_Info function. |
| N/A | 2025-03-20 | CVE-2024-48590 | cve | Inflectra SpiraTeam 7.2.00 is vulnerable to Server-Side Request Forgery (SSRF) via the NewsReaderService. This allows an attacker to escalate privileges and obtain sensitive inf... |
| N/A | 2025-03-20 | CVE-2025-0254 | cve | HCL Digital Experience components Ring API and dxclient may be vulnerable to man-in-the-middle (MitM) attacks prior to 9.5 CF226. An attacker could intercept and potentially al... |
| 6.5 | 2025-03-20 | CVE-2025-1496 | cve | Improper Restriction of Excessive Authentication Attempts vulnerability in BG-TEK Coslat Hotspot allows Password Brute Forcing, Authentication Abuse.This issue affects Coslat Ho... |
| N/A | 2025-03-20 | CVE-2025-29410 | cve | A cross-site scripting (XSS) vulnerability in the component /contact.php of Hospital Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecti... |
| N/A | 2025-03-20 | CVE-2025-29412 | cve | A cross-site scripting (XSS) vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary web scripts or HTML via ... |
| N/A | 2025-03-20 | CVE-2024-48591 | cve | Inflectra SpiraTeam 7.2.00 is vulnerable to Cross Site Scripting (XSS). A specially crafted SVG file can be uploaded that will render and execute JavaScript upon direct viewing. |
| N/A | 2025-03-20 | CVE-2025-29411 | cve | An arbitrary file upload vulnerability in the Client Profile Update section of Mart Developers iBanking v2.0.0 allows attackers to execute arbitrary code via uploading a crafted... |
| 4.3 | 2025-03-20 | CVE-2025-2546 | cve | A vulnerability classified as problematic was found in D-Link DIR-618 and DIR-605L 2.02/3.02. This vulnerability affects unknown code of the file /goform/formAdvFirewall of the ... |
| N/A | 2025-03-20 | CVE-2024-13875 | cve | The WP-PManager WordPress plugin through 1.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which co... |
| N/A | 2025-03-20 | CVE-2024-13876 | cve | The mEintopf WordPress plugin through 0.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which cou... |
| N/A | 2025-03-20 | CVE-2024-13877 | cve | The Passbeemedia Web Push Notification WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cros... |
| N/A | 2025-03-20 | CVE-2024-13878 | cve | The SpotBot WordPress plugin through 0.1.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which coul... |
| N/A | 2025-03-20 | CVE-2024-13880 | cve | The My Quota WordPress plugin through 1.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which cou... |
| N/A | 2025-03-20 | CVE-2024-13881 | cve | The Link My Posts WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which ... |
| 4.3 | 2025-03-20 | CVE-2025-1314 | cve | The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.5. This is... |
| 5.3 | 2025-03-20 | CVE-2025-1766 | cve | The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on... |
| 8.8 | 2025-03-20 | CVE-2025-1770 | cve | The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.0.24 via ... |
| N/A | 2025-03-20 | CVE-2025-22228 | cve | BCryptPasswordEncoder.matches(CharSequence,String) will incorrectly return true for passwords larger than 72 characters as long as the first 72 characters are the same. |
| Page(s) : 1 ... 61 62 63 64 65 66 67 68 69 70 [71] 72 73 74 75 76 77 78 79 80 81 ... | Result(s) : 287478 |
