682 matches found
CVE-2024-26476
An issue in open-emr before v.7.0.2 allows a remote attacker to escalate privileges via a crafted script to the formid parameter in the ereqform.php component...
CVE-2024-22917
SQL injection vulnerability in Dynamic Lab Management System Project in PHP v.1.0 allows a remote attacker to execute arbitrary code via a crafted script...
CVE-2024-24402
An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component...
The vulnerability of the bhyveload utility in FreeBSD operating systems allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the bhyveload module in FreeBSD is related to an incorrect limitation on the path name to the host-path directory with restricted access. Exploiting this vulnerability allows a remote attacker to gain unauthorized access to protected information by loading a specially crafted...
CVE-2024-24402
An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component...
CVE-2024-24402
An issue in Nagios XI 2024R1.01 allows a remote attacker to escalate privileges via a crafted script to the /usr/local/nagios/bin/npcd component...
Cross site scripting
Cross Site Scripting XSS vulnerability in ProjeQtOr 11.0.2 allows a remote attacker to execute arbitrary code via a crafted script to thecheckvalidHtmlText function in the ack.php and security.php files...
CVE-2024-25466
Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component...
Directory traversal
Directory Traversal vulnerability in React Native Document Picker before v.9.1.1 and fixed in v.9.1.1 allows a local attacker to execute arbitrary code via a crafted script to the Android library component...
Code injection
An issue in idocv v.14.1.320231228 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script...
CVE-2024-24377
An issue in idocv v.14.1.320231228 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script...
CVE-2024-24377
An issue in idocv v.14.1.320231228 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script...
PT-2024-20375 · Idocv · Idocv
Name of the Vulnerable Software and Affected Versions: idocv version 14.1.3 20231228 Description: An issue in idocv allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted script. Recommendations: For idocv version 14.1.3 20231228, at the moment, there is...
CVE-2023-48985
Cross Site Scripting XSS vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the login.php component...
CVE-2023-48986
Cross Site Scripting XSS vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the users.php component...
Sql injection
Blind SQL Injection vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the pages.php component...
Cross site scripting
Cross Site Scripting XSS vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the users.php component...
Cross site scripting
Cross Site Scripting XSS vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the login.php component...
CVE-2023-48985
Cross Site Scripting XSS vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the login.php component...
CVE-2023-48986
Cross Site Scripting XSS vulnerability in CU Solutions Group CUSG Content Management System CMS before v.7.75 allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted script to the users.php component...