Lucene search
K

262 matches found

Positive Technologies
Positive Technologies
added 2024/09/23 12:0 a.m.6 views

PT-2024-40048 · Unknown · Camaleon Cms

Name of the Vulnerable Software and Affected Versions: Camaleon CMS affected versions not specified Description: The issue concerns a path traversal vulnerability in the MediaController class. An attacker who has taken over an administrator account could delete arbitrary files or folders on the...

7.3AI score
Exploits0References4
OSV
OSV
added 2024/09/07 7:15 p.m.4 views

CVE-2024-8561

A vulnerability has been found in SourceCodester PHP CRUD 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /endpoint/delete.php of the component Delete Person Handler. The manipulation of the argument person leads to sql injection. The attack...

9.8CVSS6.4AI score0.00436EPSS
Exploits0References4
OSV
OSV
added 2024/08/21 5:15 p.m.7 views

CVE-2024-5928

VIPRE Advanced Security PMAgent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target...

7.8CVSS7.4AI score0.00379EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.6 views

WordPress plugin GiveWP 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

5.4CVSS6.3AI score0.00389EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/09 12:0 a.m.6 views

PT-2024-38470 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A critical issue has been discovered, affecting the file delete client.php. The manipulation of the id argument leads to SQL injection. This issue can be...

9.8CVSS8AI score0.00953EPSS
Exploits1References5
OSV
OSV
added 2024/07/29 10:15 p.m.5 views

CVE-2024-7250

Comodo Internet Security Pro cmdagent Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Comodo Internet Security Pro. An attacker must first obtain the ability to execute low-privileged code on th...

7.8CVSS7.4AI score0.00319EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/07/29 12:0 a.m.7 views

PT-2024-38190 · Avast · Avast Cleanup Premium

Name of the Vulnerable Software and Affected Versions: Avast Cleanup Premium affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Avast Cleanup Premium. An attacker must first obtain the ability to execute low-privilege...

7.8CVSS7.4AI score0.00344EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/23 12:0 a.m.6 views

PT-2024-38209 · Comodo · Comodo Firewall

Name of the Vulnerable Software and Affected Versions: Comodo Firewall affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Comodo Firewall. An attacker must first obtain the ability to execute low-privileged code on th...

7.8CVSS7.4AI score0.00309EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/21 12:0 a.m.6 views

PT-2024-37990 · Sourcecodester · Sourcecodester Simple Online Book Store System

Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Online Book Store System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file admin delete.php. The manipulation of the bookisbn argument leads to SQL injection. It is...

9.8CVSS8.5AI score0.00544EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.5 views

Smart PLC AC14xx and Smart PLC AC4xxS Operating System Command Injection Vulnerability

The ifm electronic Smart PLC AC14xx and ifm electronic Smart PLC AC4xxS are a series of hosts/gateways from ifm electronic Germany. An operating system command injection vulnerability exists in Smart PLC AC14xx and Smart PLC AC4xxS versions 4.3.17 and earlier, which originates from a remote...

7.2CVSS7.7AI score0.00766EPSS
Exploits0References2
OSV
OSV
added 2024/06/20 8:15 p.m.4 views

CVE-2024-6147

Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order ...

7.8CVSS6.2AI score0.00389EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/20 8:11 p.m.30 views

CVE-2024-6147 Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability

Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged code on the target system in order ...

7.8CVSS0.00389EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/18 12:0 a.m.4 views

PT-2024-37415 · Poly · Poly Plantronics Hub

Name of the Vulnerable Software and Affected Versions: Poly Plantronics Hub affected versions not specified Description: This issue allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An attacker must first obtain the ability to execute low-privileged...

7.8CVSS7.4AI score0.00389EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/06/15 12:0 a.m.2 views

Online Book Store SQL Injection Vulnerability

Online Book Store is an online bookstore by the individual developer Arvin Arandilla. The SQL injection vulnerability exists in itsourcecode Online Book Store version 1.0, which stems from admindelete.php containing unknown processing that leads to SQL injection via the parameter bookisbn...

9.8CVSS8AI score0.00504EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/06/15 12:0 a.m.5 views

PT-2024-37316 · Unknown · Itsourcecode Online Bookstore

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Book Store version 1.0 Description: A critical issue affects the processing of the file admin delete.php. The manipulation of the bookisbn argument leads to SQL injection. The attack can be initiated remotely...

9.8CVSS8.1AI score0.00504EPSS
Exploits1References6
OSV
OSV
added 2024/05/22 8:15 p.m.4 views

CVE-2023-51636

Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS6.2AI score0.00956EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/05/22 8:15 p.m.5 views

CVE-2023-51636

Avira Prime Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Avira Prime. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this...

7.8CVSS6.1AI score0.00956EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.7 views

PT-2024-21978

Name of the Vulnerable Software and Affected Versions: GNU Savane versions 3.12 and earlier Description: The issue allows a remote attacker to delete arbitrary files via crafted input to the trackers data delete file function. This is due to an Insecure Direct Object Reference IDOR in the softwar...

7.5CVSS6.3AI score0.00819EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/02/14 12:0 a.m.4 views

Employee Managment System SQL Injection Vulnerability

Employee Managment System is an employee management system. An SQL injection vulnerability exists in Employee Managment System v1.0, which originates from a SQL injection vulnerability in the file /delete.php...

7.2CVSS7.9AI score0.00716EPSS
Exploits1References2
OSV
OSV
added 2024/02/06 5:15 p.m.3 views

CVE-2024-1252

A vulnerability classified as critical was found in Tongda OA 2017 up to 11.9. Affected by this vulnerability is an unknown functionality of the file /general/attendance/manage/askduty/delete.php. The manipulation of the argument ASKDUTYID leads to sql injection. The exploit has been disclosed to...

9.8CVSS5.5AI score0.00651EPSS
Exploits1References3
Rows per page
Query Builder