1312 matches found
CVE-2022-31225
Dell BIOS versions contain an Unchecked Return Value vulnerability. A local authenticated administrator user could potentially exploit this vulnerability in order to change the state of the system or cause unexpected failures...
CVE-2022-31223
Dell BIOS versions contain an Improper Neutralization of Null Byte vulnerability. A local authenticated administrator user could potentially exploit this vulnerability by sending unexpected null bytes in order to read memory on the system...
CVE-2022-38068
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Apasionados Export Post Info plugin = 1.1.0 at WordPress...
CVE-2022-37404
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in Christian Salazar's add2fav plugin = 1.0 at WordPress...
CVE-2022-2717
The JoomSport – for Sports: Team & League, Football, Hockey & more plugin for WordPress is vulnerable to SQL Injection via the 'orderby' parameter on the joomsport-events-form page in versions up to, and including, 5.2.5 due to insufficient escaping on the user supplied parameter and lack of...
WordPress plugin Ajax Load More path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...
CVE-2022-34486
Path traversal vulnerability in PukiWiki versions 1.4.5 to 1.5.3 allows a remote authenticated attacker with an administrative privilege to execute a malicious script via unspecified vectors...
CVE-2021-36847
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in WebbaPlugins Webba Booking plugin = 4.2.21 at WordPress...
PT-2022-5788 · Fortinet · Fortimanager +1
Name of the Vulnerable Software and Affected Versions: FortiManager versions 6.0.0 through 6.0.11 FortiManager versions 6.2.0 through 6.2.9 FortiManager versions 6.4.0 through 6.4.7 FortiManager versions 7.0.0 through 7.0.3 FortiManager version 7.2.0 FortiAnalyzer versions 6.0.0 through 6.0.12...
Siemens SCALANCE security vulnerability
SCALANCE M-800, MUM-800 and S615 and RUGGEDCOM RM1224 industrial routers are used for secure remote access to plants over mobile networks e.g. GPRS or UMTS with integrated security features of firewalls to prevent unauthorized access, and VPNs to protect data transmission. SCALANCE SC-600 devices...
Exploit for Cross-Site Request Forgery (CSRF) in F5 Big-Iq_Centralized_Management
This is a proof of concept for CVE-2022-41622, which is a CSRF i...
F5 BIG-IP security vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management, etc. An improper privilege management vulnerability exists in F5 BIG-IP iControl REST, which can be exploited by an authenticated...
CVE-2022-31177
Flask-AppBuilder is an application development framework built on top of the Flask Python framework. In versions prior to 4.1.3 an authenticated Admin user could query other users by their salted and hashed password strings. These filters could be made by using partial hashed password strings. The...
CVE-2022-20873
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20910 Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers Remote Command Execution and Denial of Service Vulnerabilities
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2021-36849
Authenticated admin+ Stored Cross-Site Scripting XSS vulnerability in René Hermenau's Social Media Share Buttons plugin = 3.8.1 at WordPress...
CVE-2022-20904
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-20875
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of...
CVE-2022-32246
SAP Business Objects Business Intelligence Platform Visual Difference Application - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impac...