23 matches found
CVE-2022-26624
Bootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting XSS vulnerability via the Title parameter in /vendor/views/addproduct.php...
CVE-2025-26624
Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker loading and executing a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...
CVE-2025-26624
creationtimestamp| type| source ---|---|--- 2025-02-18 23:16:59+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3liiffareru2g 2025-02-19 01:10:52+00:00| seen| https://t.me/cvedetector/18378 2025-04-02 13:41:52+00:00| seen|...
CVE-2025-26624 Local Privilege Escalation in Rufus 4.6 and previous versions
Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker loading and executing a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...
CVE-2025-26624 Local Privilege Escalation in Rufus 4.6 and previous versions
Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker loading and executing a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...
CVE-2025-26624
CVE-2025-26624 describes a DLL hijacking/local privilege escalation in Rufus. Affected: Rufus 4.6.2208 and earlier. Root cause: the launcher loads a malicious cfgmgr32.dll from the same directory via side-loading when the executable has elevated privileges. Impact: enables loading/execution of a ...
CVE-2025-26624 Local Privilege Escalation in Rufus 4.6 and previous versions
Rufus is a utility that helps format and create bootable USB flash drives. A DLL hijacking vulnerability in Rufus 4.6.2208 and earlier versions allows an attacker loading and executing a malicious DLL with escalated privileges since the executable has been granted higher privileges during the tim...
CVE-2021-26624
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root privileges by...
Ubuntu: Security Advisory (USN-6688-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-26624
creationtimestamp| type| source ---|---|--- 2024-03-06 08:27:13+00:00| seen| https://t.me/ctinow/201100 2024-03-06 19:56:40+00:00| seen| https://t.me/ctinow/201728...
CVE-2024-26624
Removed by vendor...
CVE-2024-26624
...
CVE-2024-26624
...
CVE-2024-26624
CVE-2024-26624 is rejected by its CNA and does not represent an active vulnerability.
CVE-2020-26624
A SQL injection vulnerability was discovered in Gila CMS 1.15.4 and earlier which allows a remote attacker to execute arbitrary web scripts via the ID parameter after the login portal...
CVE-2020-26624
Gila CMS CVE-2020-26624 is a SQL injection affecting version 1.15.4 and earlier. The vulnerability allows a remote attacker to execute arbitrary web scripts through the ID parameter after login. Affected component is the login portal handling the ID parameter; root cause is SQL injection in the b...
GilaCMS 1.15.4 SQL Injection
Description: GilaCMS widget and use wiget area filter to perform search Sample payload: http://targeturl/cm/listrows/widget?page=1&area=dashboard'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,@@version,NULL--%20 Attack Vector 2: After login into admin portal, go to edit...
GilaCMS 1.15.4 SQL Injection Vulnerability
Description: GilaCMS widget and use wiget area filter to perform search Sample payload: http://targeturl/cm/listrows/widget?page=1&area=dashboard'%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,@@version,NULL--%20 Attack Vector 2: After login into admin portal, go to edit...
CVE-2022-26624
creationtimestamp| type| source ---|---|--- 2022-04-08 12:38:15+00:00| seen| https://t.me/cibsecurity/40359...
CVE-2022-26624
CVE-2022-26624 affects Bootstrap v3.1.11 and v3.3.7, which are vulnerable to a cross-site scripting (XSS) flaw via the Title parameter in /vendor/views/add_product.php. The issue allows arbitrary scripting code execution in the context of the affected site. Root cause details beyond the descripti...