| Page(s) : 1 ... 901 902 903 904 905 906 907 908 909 910 [911] 912 913 914 915 916 917 918 919 920 921 ... | Result(s) : 300446 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 5.3 | 2025-02-25 | CVE-2024-13693 | cve | The Enfold theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check in avia-export-class.php in all versions up to, and including, 6.0.... |
| 5.4 | 2025-02-25 | CVE-2024-13695 | cve | The Enfold theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.9 via the 'attachment_id' parameter. This makes i... |
| 7.5 | 2025-02-25 | CVE-2025-1642 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been declared as critical. This vulnerability affects unknown code of the file /AGE0000700/GetImageMedico?fooI... |
| 8.8 | 2025-02-25 | CVE-2025-1643 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been rated as problematic. This issue affects some unknown processing of the file /DadosPessoais/SG_AlterarSen... |
| 6.5 | 2025-02-25 | CVE-2025-1644 | cve | A vulnerability classified as problematic has been found in Benner ModernaNet up to 1.2.0. Affected is an unknown function of the file /DadosPessoais/SG_Gravar. The manipulation... |
| 6.3 | 2025-02-25 | CVE-2025-1645 | cve | A vulnerability classified as critical was found in Benner Connecta 1.0.5330. Affected by this vulnerability is an unknown functionality of the file /Usuarios/Usuario/EditarLoga... |
| N/A | 2025-02-25 | CVE-2025-27145 | cve | copyparty, a portable file server, has a DOM-based cross-site scripting vulnerability in versions prior to 1.16.15. The vulnerability is considered low-risk. By handing someone ... |
| N/A | 2025-02-25 | CVE-2025-1646 | cve | A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.a... |
| 9.8 | 2025-02-25 | CVE-2025-1640 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Home/JS_CarregaCombo?for... |
| 9.8 | 2025-02-25 | CVE-2025-1641 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been classified as critical. This affects an unknown part of the file /AGE0000700/GetHorariosDoDia?idespec=0&i... |
| N/A | 2025-02-24 | CVE-2024-53542 | cve | Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily resta... |
| N/A | 2025-02-24 | CVE-2024-53543 | cve | NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the addProject method in the smarttimeplus/MySQLConn... |
| N/A | 2025-02-24 | CVE-2024-53544 | cve | NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the getCookieNames method in the smarttimeplus/MySQL... |
| N/A | 2025-02-24 | CVE-2024-56525 | cve | In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor Role can create a new role as super admin in th... |
| N/A | 2025-02-24 | CVE-2024-57685 | cve | An issue in sparkshop v.1.1.7 and before allows a remote attacker to execute arbitrary code via a crafted phar file. |
| N/A | 2025-02-24 | CVE-2025-22974 | cve | SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter in the phome.php component. |
| 6.1 | 2025-02-24 | CVE-2025-27143 | cve | Better Auth is an authentication and authorization library for TypeScript. Prior to version 1.1.21, the application is vulnerable to an open redirect due to improper validation ... |
| N/A | 2025-02-24 | CVE-2025-27144 | cve | Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (J... |
| 6.5 | 2025-02-24 | CVE-2025-27112 | cve | Navidrome is an open source web-based music collection server and streamer. Starting in version 0.52.0 and prior to version 0.54.5, in certain Subsonic API endpoints, a flaw in ... |
| 8.8 | 2025-02-24 | CVE-2025-27133 | cve | WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was discovered in the WeGIA application prior to version 3.2.15 at the `adicionar_tipo_exame.ph... |
| Page(s) : 1 ... 901 902 903 904 905 906 907 908 909 910 [911] 912 913 914 915 916 917 918 919 920 921 ... | Result(s) : 300446 |
