| Page(s) : 1 2 3 4 5 6 7 8 [9] 10 11 12 13 14 15 16 17 18 19 ... | Result(s) : 226048 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.5 | 2022-11-25 | CVE-2022-44411 | cve | Web Based Quiz System v1.0 transmits user passwords in plaintext during the authentication process, allowing attackers to obtain users' passwords via a bruteforce attack. |
| 5.4 | 2022-11-25 | CVE-2022-45036 | cve | A cross-site scripting (XSS) vulnerability in the Search Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injec... |
| 5.4 | 2022-11-25 | CVE-2022-45037 | cve | A cross-site scripting (XSS) vulnerability in /admin/users/index.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected ... |
| 5.4 | 2022-11-25 | CVE-2022-45038 | cve | A cross-site scripting (XSS) vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injecte... |
| 7.2 | 2022-11-25 | CVE-2022-45039 | cve | An arbitrary file upload vulnerability in the Server Settings module of WBCE CMS v1.5.4 allows attackers to execute arbitrary code via a crafted PHP file. |
| 5.4 | 2022-11-25 | CVE-2022-45040 | cve | A cross-site scripting (XSS) vulnerability in /admin/pages/sections_save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload i... |
| N/A | 2022-11-25 | CVE-2022-23044 | cve | Tiny File Manager version 2.4.8 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application is vulnerabl... |
| 9 | 2022-11-25 | CVE-2022-37721 | cve | PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS_ when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post, lead... |
| 8.1 | 2022-11-25 | CVE-2022-38813 | cve | PHPGurukul Blood Donor Management System 1.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, delete the users, add ... |
| 6.1 | 2022-11-25 | CVE-2022-43983 | cve | Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the HTML content... |
| 6.1 | 2022-11-25 | CVE-2022-43984 | cve | Browsershot version 3.57.3 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate that the JS content i... |
| 5.3 | 2022-11-25 | CVE-2022-45205 | cve | Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData. |
| 9.8 | 2022-11-25 | CVE-2022-45206 | cve | Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check. |
| 9.8 | 2022-11-25 | CVE-2022-45207 | cve | Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString. |
| 4.3 | 2022-11-25 | CVE-2022-45208 | cve | Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin. |
| 4.3 | 2022-11-25 | CVE-2022-45210 | cve | Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin. |
| 6.1 | 2022-11-25 | CVE-2022-45218 | cve | Human Resource Management System v1.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability. This vulnerability is triggered via a crafted payload injected into... |
| N/A | 2022-11-25 | CVE-2022-0698 | cve | Microweber version 1.3.1 allows an unauthenticated user to perform an account takeover via an XSS on the 'select-file' parameter. |
| N/A | 2022-11-25 | CVE-2022-41705 | cve | Badaso version 2.6.3 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly valid... |
| N/A | 2022-11-25 | CVE-2022-41706 | cve | Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol pass... |
| Page(s) : 1 2 3 4 5 6 7 8 [9] 10 11 12 13 14 15 16 17 18 19 ... | Result(s) : 226048 |
