23 matches found

RedhatCVE
added 2026/01/09 10:41 a.m., 9 views

CVE-2022-26624

Bootstrap v3.1.11 and v3.3.7 were discovered to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/addproduct.php...

6.1 CVSS, 6.2 AI score, 0.00902 EPSS
Exploits: 1, References: 1

RedhatCVE
added 2025/02/20 10:50 p.m., 9 views

CVE-2025-26624

Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker to load and execute a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...

6.8 CVSS, 6.5 AI score, 0.00172 EPSS
Exploits: 0, References: 1

Circl
added 2025/02/18 11:16 p.m., 6 views

CVE-2025-26624

| creationtimestamp | type | source |
|---|---|---|
| 2025-02-18 23:16:59+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3liiffareru2g |
| 2025-02-19 01:10:52+00:00 | seen | https://t.me/cvedetector/18378 |
| 2025-04-02 13:41:52+00:00 | seen | ... |

6.8 CVSS, 4.8 AI score, 0.00172 EPSS
Exploits: 0, References: 4

Vulnrichment
added 2025/02/18 10:40 p.m., 6 views

CVE-2025-26624 Local Privilege Escalation in Rufus 4.6 and previous versions

Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker to load and execute a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...

6.8 CVSS, 6.3 AI score, 0.00172 EPSS
Exploits: 0, References: 2

Cvelist
added 2025/02/18 10:40 p.m., 31 views

CVE-2025-26624 Local Privilege Escalation in Rufus 4.6 and previous versions

Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker to load and execute a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...

6.8 CVSS, 0.00172 EPSS
Exploits: 0, References: 2

CVE
added 2025/02/18 10:40 p.m., 90 views

CVE-2025-26624

CVE-2025-26624 describes a DLL hijacking/local privilege escalation in Rufus. Affected: Rufus 4.6.2208 and earlier. Root cause: the launcher loads a malicious cfgmgr32.dll from the same directory via side-loading when the executable has elevated privileges. Impact: enables loading/execution of a ...

6.8 CVSS, 6.9 AI score, 0.00172 EPSS
Exploits: 0, References: 2

OSV
added 2025/02/18 10:40 p.m., 8 views

CVE-2025-26624 Local Privilege Escalation in Rufus 4.6 and previous versions

Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker to load and execute a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...

6.8 CVSS, 6.7 AI score, 0.00172 EPSS
Exploits: 0, References: 4

RedhatCVE
added 2025/02/06 3:42 a.m., 8 views

CVE-2021-26624

A local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root privileges by...

10 CVSS, 7.3 AI score, 0.02267 EPSS
Exploits: 0, References: 1

OpenVAS
added 2024/03/12 12:0 a.m., 39 views

Ubuntu: Security Advisory (USN-6688-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8 CVSS, 8.5 AI score, 0.78388 EPSS
Exploits: 19, References: 4

Circl
added 2024/03/06 8:27 a.m., 4 views

CVE-2024-26624

| creationtimestamp | type | source |
|---|---|---|
| 2024-03-06 08:27:13+00:00 | seen | https://t.me/ctinow/201100 |
| 2024-03-06 19:56:40+00:00 | seen | https://t.me/ctinow/201728 |

...

6.6 AI score
Exploits: 0, References: 2

Debian CVE
added 2024/03/06 6:45 a.m., 26 views

CVE-2024-26624

Removed by vendor...

6.9 AI score
Exploits: 0

Vulnrichment
added 2024/03/06 6:45 a.m., 25 views

CVE-2024-26624

...

6.8 AI score
Exploits: 0

Cvelist
added 2024/03/06 6:45 a.m., 21 views

CVE-2024-26624

...

Exploits: 0

CVE
added 2024/03/06 6:45 a.m., 10291 views

CVE-2024-26624

CVE-2024-26624 is rejected by its CNA and does not represent an active vulnerability.

7.5 AI score
Exploits: 0

NVD
added 2024/01/02 10:15 p.m., 18 views

CVE-2020-26624

A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal...

3.8 CVSS, 5.3 AI score, 0.00662 EPSS
Exploits: 3, References: 4

CVE
added 2024/01/02 12:0 a.m., 70 views

CVE-2020-26624

Gila CMS CVE-2020-26624 is a SQL injection affecting version 1.15.4 and earlier. The vulnerability allows a remote attacker to execute arbitrary web scripts through the ID parameter after login. Affected component is the login portal handling the ID parameter; root cause is SQL injection in the b...

3.8 CVSS, 5.3 AI score, 0.00662 EPSS
Exploits: 3, References: 4, Affected Software: 1

Packet Storm
added 2023/12/22 12:0 a.m., 397 views

GilaCMS 1.15.4 SQL Injection

Description: GilaCMS widget and use widget area filter to perform search Sample payload: http://targeturl/cm/listrows/widget?page=1&area=dashboard'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,@@version,NULL--%20 Attack Vector 2: After login into admin portal, go to edit...

7.4 AI score, 0.00662 EPSS
Exploits: 5

0day.today
added 2023/12/22 12:0 a.m., 446 views

GilaCMS 1.15.4 SQL Injection Vulnerability

Description: GilaCMS widget and use widget area filter to perform search Sample payload: http://targeturl/cm/listrows/widget?page=1&area=dashboard'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,@@version,NULL--%20 Attack Vector 2: After login into admin portal, go to edit...

3.8 CVSS, 7.2 AI score, 0.00662 EPSS
Exploits: 5

Circl
added 2022/04/08 12:38 p.m., 6 views

CVE-2022-26624

| creationtimestamp | type | source |
|---|---|---|
| 2022-04-08 12:38:15+00:00 | seen | https://t.me/cibsecurity/40359 |

...

6.1 CVSS, 6 AI score, 0.00902 EPSS
Exploits: 1, References: 1

CVE
added 2022/04/08 8:23 a.m., 92 views

CVE-2022-26624

CVE-2022-26624 affects Bootstrap v3.1.11 and v3.3.7, which are vulnerable to a cross-site scripting (XSS) flaw via the Title parameter in /vendor/views/add_product.php. The issue allows arbitrary scripting code execution in the context of the affected site. Root cause details beyond the descripti...

6.1 CVSS, 6 AI score, 0.00902 EPSS
Exploits: 1, References: 2, Affected Software: 1