| Page(s) : 1 ... 766 767 768 769 770 771 772 773 774 775 [776] 777 778 779 780 781 782 783 784 785 786 ... | Result(s) : 300103 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2025-03-10 | CVE-2025-25620 | cve | Unifiedtransform 2.0 is vulnerable to Cross Site Scripting (XSS) in the Create assignment function. |
| 6.1 | 2025-03-10 | CVE-2025-26910 | cve | Cross-Site Request Forgery (CSRF) vulnerability in Iqonic Design WPBookit allows Stored XSS. This issue affects WPBookit: from n/a through 1.0.1. |
| N/A | 2025-03-10 | CVE-2025-26916 | cve | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in EPC Massive Dynamic. This issue affects Massiv... |
| N/A | 2025-03-10 | CVE-2025-26933 | cve | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Nitin Prakash WC Place Order Without Payment a... |
| N/A | 2025-03-10 | CVE-2025-26936 | cve | Improper Control of Generation of Code ('Code Injection') vulnerability in NotFound Fresh Framework allows Code Injection. This issue affects Fresh Framework: from n/a... |
| 4.3 | 2025-03-10 | CVE-2025-1926 | cve | The Page Builder: Pagelayer – Drag and Drop website builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.9.8. This is... |
| N/A | 2025-03-10 | CVE-2024-11638 | cve | The Gtbabel WordPress plugin before 6.6.9 does not ensure that the URL to perform code analysis upon belongs to the blog which could allow unauthenticated attackers to retrieve ... |
| 5.4 | 2025-03-10 | CVE-2025-2150 | cve | The C&Cm@il from HGiga has a Stored Cross-Site Scripting (XSS) vulnerability, allowing remote attackers with regular privileges to send emails containing malicious JavaScript co... |
| N/A | 2025-03-10 | CVE-2025-27253 | cve | An improper input validation in GE Vernova UR IED family devices from version 7.0 up to 8.60 allows an attacker to provide input that enstablishes a TCP connection through a por... |
| N/A | 2025-03-10 | CVE-2025-27254 | cve | Improper Authentication vulnerability in GE Vernova EnerVista UR Setup allows Authentication Bypass. The software's startup authentication can be disabled by altering a Wi... |
| N/A | 2025-03-10 | CVE-2025-27255 | cve | Use of Hard-coded Credentials vulnerability in GE Vernova EnerVista UR Setup allows Privilege Escalation. The local user database is encrypted using an hardcoded password retrie... |
| N/A | 2025-03-10 | CVE-2025-27256 | cve | Missing Authentication for Critical Function vulnerability in GE Vernova Enervista UR Setup application allows Authentication Bypass due to a missing SSH server authentication. ... |
| N/A | 2025-03-10 | CVE-2025-27257 | cve | Insufficient Verification of Data Authenticity vulnerability in GE Vernova UR IED family devices allows an authenticated user to install a modified firmware. The firmware signat... |
| 6.1 | 2025-03-10 | CVE-2024-13918 | cve | The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of request parameters in the debug-mode e... |
| 6.1 | 2025-03-10 | CVE-2024-13919 | cve | The Laravel framework versions between 11.9.0 and 11.35.1 are susceptible to reflected cross-site scripting due to an improper encoding of route parameters in the debug-mode err... |
| 6.5 | 2025-03-10 | CVE-2025-24387 | cve | A vulnerability in OTRS Application Server allows session hijacking due to missing attributes for sensitive cookie settings in HTTPS sessions. A request to an OTRS endpoint fro... |
| 7.5 | 2025-03-10 | CVE-2025-2147 | cve | A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0. It has been classified as problematic. Affected ... |
| 4.8 | 2025-03-10 | CVE-2025-2133 | cve | A vulnerability classified as problematic was found in ftcms 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/index.php/news/edit. The manipula... |
| N/A | 2025-03-10 | CVE-2024-41724 | cve | Improper Certificate Validation (CWE-295) in the Gallagher Command Centre SALTO integration allowed an attacker to spoof the SALTO server. This issue affects all versions o... |
| N/A | 2025-03-10 | CVE-2024-43107 | cve | Improper Certificate Validation (CWE-295) in the Gallagher Milestone Integration Plugin (MIP) permits unauthenticated messages (e.g. alarm events) to be sent to the Plugin. This... |
| Page(s) : 1 ... 766 767 768 769 770 771 772 773 774 775 [776] 777 778 779 780 781 782 783 784 785 786 ... | Result(s) : 300103 |
