| Page(s) : 1 ... 785 786 787 788 789 790 791 792 793 794 [795] 796 797 798 799 800 801 802 803 804 805 ... | Result(s) : 43532 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2021-02-17 | CVE-2021-26809 | cve | PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. |
| 9.8 | 2021-02-17 | CVE-2021-22855 | cve | The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary comma... |
| 9.8 | 2021-02-17 | CVE-2021-27362 | cve | The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to ... |
| 9.8 | 2021-02-16 | CVE-2020-24841 | cve | PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access... |
| 9.8 | 2021-02-16 | CVE-2021-25648 | cve | Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of par... |
| 9.8 | 2021-02-16 | CVE-2021-27236 | cve | An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution. |
| 9.8 | 2021-02-16 | CVE-2021-27234 | cve | An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and... |
| 9.8 | 2021-02-16 | CVE-2021-27101 | cve | Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later. |
| 9.8 | 2021-02-16 | CVE-2021-27103 | cve | Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later. |
| 9.8 | 2021-02-16 | CVE-2021-27104 | cve | Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later. |
| 9.8 | 2021-02-16 | CVE-2020-35565 | cve | An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login pages bruteforce detection is disabled by default. |
| 9.8 | 2021-02-15 | CVE-2021-3239 | cve | E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a r... |
| 9.8 | 2021-02-15 | CVE-2021-26822 | cve | Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be e... |
| 9.8 | 2021-02-15 | CVE-2020-35775 | cve | CITSmart before 9.1.2.23 allows LDAP Injection. |
| 9.8 | 2021-02-15 | CVE-2021-3375 | cve | ActivePresenter 6.1.6 is affected by a memory corruption vulnerability that may result in a denial of service (DoS) or arbitrary code execution. |
| 9.8 | 2021-02-15 | CVE-2021-26201 | cve | The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQ... |
| 9.8 | 2021-02-15 | CVE-2021-26200 | cve | The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user. |
| 9.8 | 2021-02-14 | CVE-2021-27213 | cve | config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because SafeLoader and safe_load are not used. |
| 9.8 | 2021-02-14 | CVE-2019-25019 | cve | LimeSurvey before 4.0.0-RC4 allows SQL injection via the participant model. |
| 9.9 | 2021-02-12 | CVE-2021-26753 | cve | NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker... |
| Page(s) : 1 ... 785 786 787 788 789 790 791 792 793 794 [795] 796 797 798 799 800 801 802 803 804 805 ... | Result(s) : 43532 |
