20 matches found
Exploit for CVE-2025-24203
iDevice? A major vulnerability discovered by Ian Beer based o...
CVE-2020-24203
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution...
Exploit for CVE-2025-24203
CVE-2025-24203 Exploit iOS 16.0 – 18.3.2 Thhe CVE-2025-2420...
Exploit for CVE-2025-24203
dirtyZero A simple customization toolbox that utilizes CVE-...
CVE-2025-24203
The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to modify protected parts of the file system...
CVE-2025-24203
creationtimestamp| type| source ---|---|--- 2025-03-31 23:31:39+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9799 2025-05-10 05:00:10+00:00| published-proof-of-concept| Telegram/Fs-71f7EyEUAT9p8cs1pKurUUJNlZKa9KwCGamF1BDnYNo4 2025-05-10 18:58:49+00:00| published-proof-of-concept|...
CVE-2025-24203
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to modify protected parts of the file system...
CVE-2025-24203
The issue was addressed with improved checks. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to modify protected parts of the file system...
CVE-2025-24203
CVE-2025-24203 is a local kernel memory bug (VM_BEHAVIOR_ZERO_WIRED_PAGES) that enables a user-process to zero wired kernel pages, creating a kernel read/write primitive. Public materials describe chaining this bug with additional flaws (e.g., sandbox escape, PID/file-signature bypass) to achieve...
CVE-2025-24203
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to modify protected parts of the file system...
CVE-2023-24203
Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query parameters...
CVE-2023-24203
Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query parameters...
CVE-2023-24203
Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query parameters...
CVE-2021-24203
In the Elementor Website Builder WordPress plugin before 3.1.4, the divider widget includes/widgets/divider.php accepts an ‘htmltag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified...
CVE-2021-24203
In the Elementor Website Builder WordPress plugin before 3.1.4, the divider widget includes/widgets/divider.php accepts an ‘htmltag’ parameter. Although the element control lists a fixed set of possible html tags, it is possible for a user with Contributor or above permissions to send a modified...
CVE-2021-24203
CVE-2021-24203 describes an authenticated stored XSS in the Elementor Website Builder WordPress plugin prior to 3.1.4. The divider widget’s divider.php path accepts an html_tag parameter; an attacker with Contributor+ permissions can modify a save_builder request to set html_tag to script and inc...
Projects World Travel Management System Authentication Bypass (CVE-2020-24203)
An authentication bypass vulnerability exists in Projects World Travel Management System. Successful exploitation of this vulnerability allow a remote attacker to gain unauthorized access to the affected system...
CVE-2020-24203
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution...
CVE-2020-24203
The CVE-2020-24203 issue affects Projects World Travel Management System v1.0, specifically the updatesubcategory.php upload pic function. The root cause is insecure file permissions combined with an arbitrary file upload, allowing remote unauthenticated attackers to gain remote code execution. E...
CVE-2023-24203
Cross Site Scripting vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitary code via the company or query parameters...