| Page(s) : 1 ... 734 735 736 737 738 739 740 741 742 743 [744] 745 746 747 748 749 750 751 752 753 754 ... | Result(s) : 43525 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-07-26 | CVE-2021-37476 | cve | In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `id` through a post request, which results in arbitrary sql query e... |
| 9.8 | 2021-07-26 | CVE-2021-37477 | cve | In NavigateCMS version 2.9.4 and below, function in `structure.php` is vulnerable to sql injection on parameter `children_order`, which results in arbitrary sql query execution ... |
| 9.8 | 2021-07-23 | CVE-2021-24036 | cve | Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execut... |
| 9.8 | 2021-07-23 | CVE-2021-25207 | cve | Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php. |
| 9.8 | 2021-07-23 | CVE-2020-14032 | cve | ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM. |
| 9.8 | 2021-07-23 | CVE-2021-23412 | cve | All versions of package gitlogplus are vulnerable to Command Injection via the main functionality, as options attributes are appended to the command to be executed without sanit... |
| 9.8 | 2021-07-23 | CVE-2021-25208 | cve | Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php. |
| 9.8 | 2021-07-23 | CVE-2021-25206 | cve | Arbitrary file upload vulnerability in SourceCodester Responsive Ordering System v 1.0 allows attackers to execute arbitrary code via the file upload to Product_model.php. |
| 9.8 | 2021-07-23 | CVE-2021-25203 | cve | Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\admin_add_post.php. |
| 9.8 | 2021-07-23 | CVE-2021-3169 | cve | An issue in Jumpserver before 2.6.2, before 2.5.4, before 2.4.5 allows attackers to create a connection token through an API which does not have access control and use it to acc... |
| 9.8 | 2021-07-23 | CVE-2020-20741 | cve | Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authenticat... |
| 9.8 | 2021-07-22 | CVE-2021-25211 | cve | Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\admin\products\edit.php. |
| 9.8 | 2021-07-22 | CVE-2021-26765 | cve | SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php. |
| 9.8 | 2021-07-22 | CVE-2021-25213 | cve | SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to subcat.php. |
| 9.8 | 2021-07-22 | CVE-2021-26223 | cve | SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_p... |
| 9.8 | 2021-07-22 | CVE-2021-25210 | cve | Arbitrary file upload vulnerability in SourceCodester Alumni Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to manage_event.php. |
| 9.8 | 2021-07-22 | CVE-2021-25212 | cve | SQL injection vulnerability in SourceCodester Alumni Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to manage_event.php. |
| 9.8 | 2021-07-22 | CVE-2020-7388 | cve | Sage X3 Unauthenticated Remote Command Execution (RCE) as SYSTEM in AdxDSrv.exe component. By editing the client side authentication request, an attacker can bypass credential v... |
| 9.8 | 2021-07-22 | CVE-2021-31579 | cve | Akkadian Provisioning Manager Engine (PME) ships with a hard-coded credential, akkadianuser:haakkadianpassword. This issue was resolved in Akkadian OVA appliance version 3.0 (an... |
| 9.8 | 2021-07-22 | CVE-2021-31580 | cve | The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be bypassed by switching the OpenSSH channel from `shell` to `exec` and providing the ssh client ... |
| Page(s) : 1 ... 734 735 736 737 738 739 740 741 742 743 [744] 745 746 747 748 749 750 751 752 753 754 ... | Result(s) : 43525 |
