| Page(s) : 1 ... 923 924 925 926 927 928 929 930 931 932 [933] 934 935 936 937 938 939 940 941 942 943 ... | Result(s) : 326353 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2025-02-25 | CVE-2025-1128 | cve | The Everest Forms – Contact Forms, Quiz, Survey, Newsletter & Payment Form Builder for WordPress plugin for WordPress is vulnerable to arbitrary file upload, read, and deletion ... |
| 7.5 | 2025-02-25 | CVE-2025-1648 | cve | The Yawave plugin for WordPress is vulnerable to SQL Injection via the 'lbid' parameter in all versions up to, and including, 2.9.1 due to insufficient escaping on the... |
| 8.2 | 2025-02-25 | CVE-2025-1673 | cve | A malicious or malformed DNS packet without a payload can cause an out-of-bounds read, resulting in a crash (denial of service) or an incorrect computation. |
| 4.3 | 2025-02-25 | CVE-2024-13494 | cve | The WordPress File Upload plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.25.2. This is due to missing or incorrect nonc... |
| 8.2 | 2025-02-25 | CVE-2025-1674 | cve | A lack of input validation allows for out of bounds reads caused by malicious or malformed packets. |
| 9.1 | 2025-02-25 | CVE-2025-1675 | cve | The function dns_copy_qname in dns_pack.c performs performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the cop... |
| 5.3 | 2025-02-25 | CVE-2024-13693 | cve | The Enfold theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check in avia-export-class.php in all versions up to, and including, 6.0.... |
| 5.4 | 2025-02-25 | CVE-2024-13695 | cve | The Enfold theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.9 via the 'attachment_id' parameter. This makes i... |
| 7.5 | 2025-02-25 | CVE-2025-1642 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been declared as critical. This vulnerability affects unknown code of the file /AGE0000700/GetImageMedico?fooI... |
| 8.8 | 2025-02-25 | CVE-2025-1643 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been rated as problematic. This issue affects some unknown processing of the file /DadosPessoais/SG_AlterarSen... |
| 6.5 | 2025-02-25 | CVE-2025-1644 | cve | A vulnerability classified as problematic has been found in Benner ModernaNet up to 1.2.0. Affected is an unknown function of the file /DadosPessoais/SG_Gravar. The manipulation... |
| 6.3 | 2025-02-25 | CVE-2025-1645 | cve | A vulnerability classified as critical was found in Benner Connecta 1.0.5330. Affected by this vulnerability is an unknown functionality of the file /Usuarios/Usuario/EditarLoga... |
| N/A | 2025-02-25 | CVE-2025-27145 | cve | copyparty, a portable file server, has a DOM-based cross-site scripting vulnerability in versions prior to 1.16.15. The vulnerability is considered low-risk. By handing someone ... |
| N/A | 2025-02-25 | CVE-2025-1646 | cve | A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.a... |
| 9.8 | 2025-02-25 | CVE-2025-1640 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Home/JS_CarregaCombo?for... |
| 9.8 | 2025-02-25 | CVE-2025-1641 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been classified as critical. This affects an unknown part of the file /AGE0000700/GetHorariosDoDia?idespec=0&i... |
| N/A | 2025-02-24 | CVE-2024-53542 | cve | Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily resta... |
| N/A | 2025-02-24 | CVE-2024-53543 | cve | NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the addProject method in the smarttimeplus/MySQLConn... |
| N/A | 2025-02-24 | CVE-2024-53544 | cve | NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the getCookieNames method in the smarttimeplus/MySQL... |
| N/A | 2025-02-24 | CVE-2024-56525 | cve | In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor Role can create a new role as super admin in th... |
| Page(s) : 1 ... 923 924 925 926 927 928 929 930 931 932 [933] 934 935 936 937 938 939 940 941 942 943 ... | Result(s) : 326353 |
