| Page(s) : 1 ... 932 933 934 935 936 937 938 939 940 941 [942] 943 944 945 946 947 948 949 950 951 952 ... | Result(s) : 326530 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 4.3 | 2025-02-25 | CVE-2024-13494 | cve | The WordPress File Upload plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.25.2. This is due to missing or incorrect nonc... |
| 8.2 | 2025-02-25 | CVE-2025-1674 | cve | A lack of input validation allows for out of bounds reads caused by malicious or malformed packets. |
| 9.1 | 2025-02-25 | CVE-2025-1675 | cve | The function dns_copy_qname in dns_pack.c performs performs a memcpy operation with an untrusted field and does not check if the source buffer is large enough to contain the cop... |
| 5.3 | 2025-02-25 | CVE-2024-13693 | cve | The Enfold theme for WordPress is vulnerable to unauthorized access of data due to a missing capability check in avia-export-class.php in all versions up to, and including, 6.0.... |
| 5.4 | 2025-02-25 | CVE-2024-13695 | cve | The Enfold theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.9 via the 'attachment_id' parameter. This makes i... |
| 7.5 | 2025-02-25 | CVE-2025-1642 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been declared as critical. This vulnerability affects unknown code of the file /AGE0000700/GetImageMedico?fooI... |
| 8.8 | 2025-02-25 | CVE-2025-1643 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been rated as problematic. This issue affects some unknown processing of the file /DadosPessoais/SG_AlterarSen... |
| 6.5 | 2025-02-25 | CVE-2025-1644 | cve | A vulnerability classified as problematic has been found in Benner ModernaNet up to 1.2.0. Affected is an unknown function of the file /DadosPessoais/SG_Gravar. The manipulation... |
| 6.3 | 2025-02-25 | CVE-2025-1645 | cve | A vulnerability classified as critical was found in Benner Connecta 1.0.5330. Affected by this vulnerability is an unknown functionality of the file /Usuarios/Usuario/EditarLoga... |
| N/A | 2025-02-25 | CVE-2025-27145 | cve | copyparty, a portable file server, has a DOM-based cross-site scripting vulnerability in versions prior to 1.16.15. The vulnerability is considered low-risk. By handing someone ... |
| N/A | 2025-02-25 | CVE-2025-1646 | cve | A vulnerability, which was classified as critical, has been found in Lumsoft ERP 8. Affected by this issue is some unknown functionality of the file /Api/TinyMce/UploadAjaxAPI.a... |
| 9.8 | 2025-02-25 | CVE-2025-1640 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /Home/JS_CarregaCombo?for... |
| 9.8 | 2025-02-25 | CVE-2025-1641 | cve | A vulnerability was found in Benner ModernaNet up to 1.1.0. It has been classified as critical. This affects an unknown part of the file /AGE0000700/GetHorariosDoDia?idespec=0&i... |
| N/A | 2025-02-24 | CVE-2024-53542 | cve | Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily resta... |
| N/A | 2025-02-24 | CVE-2024-53543 | cve | NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the addProject method in the smarttimeplus/MySQLConn... |
| N/A | 2025-02-24 | CVE-2024-53544 | cve | NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the getCookieNames method in the smarttimeplus/MySQL... |
| N/A | 2025-02-24 | CVE-2024-56525 | cve | In Public Knowledge Project (PKP) OJS, OMP, and OPS before 3.3.0.21 and 3.4.x before 3.4.0.8, an XXE attack by the Journal Editor Role can create a new role as super admin in th... |
| N/A | 2025-02-24 | CVE-2024-57685 | cve | An issue in sparkshop v.1.1.7 and before allows a remote attacker to execute arbitrary code via a crafted phar file. |
| N/A | 2025-02-24 | CVE-2025-22974 | cve | SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter in the phome.php component. |
| 6.1 | 2025-02-24 | CVE-2025-27143 | cve | Better Auth is an authentication and authorization library for TypeScript. Prior to version 1.1.21, the application is vulnerable to an open redirect due to improper validation ... |
| Page(s) : 1 ... 932 933 934 935 936 937 938 939 940 941 [942] 943 944 945 946 947 948 949 950 951 952 ... | Result(s) : 326530 |
