| Page(s) : 1 ... 915 916 917 918 919 920 921 922 923 924 [925] 926 927 928 929 930 931 932 933 934 935 ... | Result(s) : 300504 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.6 | 2025-02-21 | CVE-2025-1548 | cve | A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/archives/edit. The mani... |
| N/A | 2025-02-21 | CVE-2025-25505 | cve | Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the sub_452A4 function. |
| N/A | 2025-02-21 | CVE-2025-25507 | cve | There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the formexeCommand function, the parameter cmdinput will cause remote command execution. |
| N/A | 2025-02-21 | CVE-2025-25510 | cve | Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the get_parentControl_list_Info function. |
| N/A | 2025-02-21 | CVE-2025-26014 | cve | A Remote Code Execution (RCE) vulnerability in Loggrove v.1.0 allows a remote attacker to execute arbitrary code via the path parameter. |
| N/A | 2025-02-21 | CVE-2024-55156 | cve | An XML External Entity (XXE) vulnerability in the deserializeArgs() method of Java SDK for CloudEvents v4.0.1 allows attackers to access sensitive information via supplying a cr... |
| N/A | 2025-02-21 | CVE-2024-55159 | cve | GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the SortName parameter at /system/loginLog/list. |
| N/A | 2025-02-21 | CVE-2024-57176 | cve | An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL. |
| N/A | 2025-02-21 | CVE-2025-25765 | cve | MRCMS v3.1.2 was discovered to contain an arbitrary file write vulnerability via the component /file/save.do. |
| N/A | 2025-02-21 | CVE-2025-25766 | cve | An arbitrary file upload vulnerability in the component /file/savefile.do of MRCMS v3.1.2 allows attackers to execute arbitrary code via uploading a crafted .jsp file. |
| N/A | 2025-02-21 | CVE-2025-25875 | cve | A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /message.php. The attack can use SQL injection to obtain ... |
| N/A | 2025-02-21 | CVE-2025-25876 | cve | A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /delete.php. The attack can use SQL injection to obtain s... |
| N/A | 2025-02-21 | CVE-2025-25877 | cve | A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /admin.php. The attack can use SQL injection to obtain se... |
| N/A | 2025-02-21 | CVE-2025-25878 | cve | A vulnerability was found in ITSourcecode Simple ChatBox up to 1.0. This vulnerability affects unknown code of the file /del.php. The attack can use SQL injection to obtain sens... |
| 5.4 | 2025-02-21 | CVE-2024-13455 | cve | The igumbi Online Booking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'igumbi_calendar' shortcode in all versions up to, an... |
| 6.5 | 2025-02-21 | CVE-2024-13713 | cve | The WPExperts Square For GiveWP plugin for WordPress is vulnerable to SQL Injection via the 'post' parameter in all versions up to, and including, 1.3.1 due to insuffi... |
| 4.9 | 2025-02-21 | CVE-2024-13846 | cve | The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘post_id’ parameter in all versions up to, and including, 3.9 due to insu... |
| 7.2 | 2025-02-21 | CVE-2024-13900 | cve | The Head, Footer and Post Injections plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 3.3.0. This makes it possible for authenticat... |
| N/A | 2025-02-21 | CVE-2024-9150 | cve | Report generation functionality in Wyn Enterprise allows for code inclusion, but not sufficiently limits what code might be included. An attacker is able use a low privileges ac... |
| 5.3 | 2025-02-21 | CVE-2025-1402 | cve | The Event Tickets and Registration plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'ajax_ticket_delete' functi... |
| Page(s) : 1 ... 915 916 917 918 919 920 921 922 923 924 [925] 926 927 928 929 930 931 932 933 934 935 ... | Result(s) : 300504 |
