115 matches found
CVE-2026-5784
creationtimestamp| type| source ---|---|--- 2026-05-07 15:26:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlbjnwbuc52v 2026-05-07 17:30:29+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlbqlij36a2c 2026-05-07 19:50:22+00:00| seen|...
MiracleLinux 4 : axis-1.2.1-7.3.AXS4 (AXSA:2013-129:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-129:01 advisory. Apache AXIS is an implementation of the SOAP Simple Object Access Protocol submission to W3C. From the draft W3C specification: SOAP is a lightweight protocol...
Security Bulletin: IBM System Storage Support for Microsoft Volume Shadow Copy Service and Virtual Disk Service is vulnerable to multiple vulnerabilities due to Apache Axis. CVE-2018-8032, CVE-2014-3596, CVE-2019-0227, CVE-2012-5784
Summary IBM System Storage Support for Microsoft Volume Shadow Copy Service and Virtual Disk Service is vulnerable to multiple vulnerabilities due to Apache Axis. CVE-2018-8032, CVE-2014-3596, CVE-2019-0227, CVE-2012-5784. Vulnerability Details CVEID:CVE-2018-8032 DESCRIPTION: Apache Axis 1.x up ...
CVE-2025-5784
A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown code of the file /myexp.php. The manipulation of the argument emp3ctc leads to sql injection. The attack can be initiated remotely. The exploit has bee...
CVE-2025-5784 PHPGurukul Employee Record Management System myexp.php sql injection
A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown code of the file /myexp.php. The manipulation of the argument emp3ctc leads to sql injection. The attack can be initiated remotely. The exploit has bee...
CVE-2025-5784
The CVE-2025-5784 entry corresponds to a SQL injection in PHPGurukul Employee Record Management System 1.3, exploiting the /myexp.php file via the emp3ctc parameter. Connected sources (CNVD, NVD, CVE dedicated records) confirm an remote-able vulnerability with improper validation of external SQL ...
CVE-2025-5784 PHPGurukul Employee Record Management System myexp.php sql injection
A vulnerability has been found in PHPGurukul Employee Record Management System 1.3 and classified as critical. This vulnerability affects unknown code of the file /myexp.php. The manipulation of the argument emp3ctc leads to sql injection. The attack can be initiated remotely. The exploit has bee...
CVE-2020-5784
Server-Side Request Forgery in Teltonika firmware TRB2R00.02.04.3 allows a low privileged user to cause the application to perform HTTP GET requests to arbitrary URLs...
Linux Distros Unpatched Vulnerability : CVE-2018-5784
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tifdir.c. Remote attackers could leverage this vulnerability...
Debian: Security Advisory (DSA-5784-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-5784
creationtimestamp| type| source ---|---|--- 2024-08-30 07:17:28+00:00| seen| https://t.me/cvedetector/4495...
CVE-2024-5784
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions execution due to a missing capability checks on multiple functions like treportquizatttemptdelete and tutorgcclassaction in all versions up to, and including, 2.7.2. This makes it possible for authenticate...
CVE-2024-5784
CVE-2024-5784 (Tutor LMS Pro, WordPress) shows a vulnerability where missing capability checks in multiple functions (treport_quiz_atttempt_delete, tutor_gc_class_action) allow an authenticated user with subscriber-level access or higher to perform unauthorized administrative actions (e.g., delet...
CVE-2024-5784 Tutor LMS Pro <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Insecure Direct Object Reference
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions execution due to a missing capability checks on multiple functions like treportquizatttemptdelete and tutorgcclassaction in all versions up to, and including, 2.7.2. This makes it possible for authenticate...
CVE-2024-5784 Tutor LMS Pro <= 2.7.2 - Missing Authorization to Authenticated (Subscriber+) Insecure Direct Object Reference
The Tutor LMS Pro plugin for WordPress is vulnerable to unauthorized administrative actions execution due to a missing capability checks on multiple functions like treportquizatttemptdelete and tutorgcclassaction in all versions up to, and including, 2.7.2. This makes it possible for authenticate...
WordPress Tutor LMS Pro Plugin <= 2.7.2 is vulnerable to Broken Access Control
Software Tutor LMS Pro Type Plugin Vulnerable versions = 2.7.2 Fixed in 2.7.3 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5784 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 53b4f2fddbc0 Credits Thanh Nam Tran Required...
CVE-2023-5784
creationtimestamp| type| source ---|---|--- 2023-10-26 18:15:58+00:00| seen| https://t.me/cibsecurity/72966...
CVE-2023-5784
CVE-2023-5784 affects Netentsec NS-ASG Application Security Gateway 6.3. The vulnerability is in an unknown functionality of the file /protocol/firewall/uploadfirewall.php where manipulating the messagecontent parameter leads to SQL injection. Public exploit information exists and public disclosu...
EuroTel ETL3100 - Transmitter Unauthenticated Config/Log Download Vulnerability
Exploit Title: EuroTel ETL3100 - Transmitter Unauthenticated Config/Log Download Exploit Author: LiquidWorm Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page: https://www.eurotel.it | https://www.siel.fm Affected version: v01c01 Microprocessor: socs0t10/ats01s01, Model:...
EuroTel ETL3100 - Transmitter Unauthenticated Config/Log Download
Exploit Title: EuroTel ETL3100 - Transmitter Unauthenticated Config/Log Download Exploit Author: LiquidWorm Vendor: EuroTel S.p.A. | SIEL, Sistemi Elettronici S.R.L Product web page: https://www.eurotel.it | https://www.siel.fm Affected version: v01c01 Microprocessor: socs0t10/ats01s01, Model:...