925 matches found

CNNVD
added 2024/11/13 12:00 a.m. | 2 views

Ivanti Connect Secure and Ivanti Policy Secure Parameter Injection Vulnerability

Ivanti Connect Secure and Ivanti Policy Secure are both products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool. Ivanti Policy Secure is a network access control (NAC) solution. A parameter injection vulnerability exists in Ivanti Connect Secure versio...

9.1 CVSS | 9.3 AI score | 0.01744 EPSS
Exploits: 0 | References: 3
CNNVD
added 2024/11/13 12:00 a.m. | 2 views

Ivanti Connect Secure and Ivanti Policy Secure Parameter Injection Vulnerability

Ivanti Connect Secure and Ivanti Policy Secure are both products of Ivanti Corporation, U.S.A. Ivanti Connect Secure is a secure remote network connection tool. Ivanti Policy Secure is a network access control (NAC) solution. A parameter injection vulnerability exists in Ivanti Connect Secure versio...

9.1 CVSS | 9.4 AI score | 0.01744 EPSS
Exploits: 0 | References: 3
CNNVD
added 2024/11/12 12:00 a.m. | 9 views

Laravel Parameter Injection Vulnerability

Laravel is a web application framework from the Laravel community. A parameter injection vulnerability exists in Laravel. An attacker exploiting this vulnerability can call any URL using a specially crafted query string...

8.7 CVSS | 6.9 AI score | 0.37981 EPSS
Exploits: 1 | References: 4
CNNVD
added 2024/11/06 12:00 a.m. | 4 views

IBPhoenix ibWebAdmin Injection Vulnerability

IBPhoenix ibWebAdmin is a Firebird and InterBase database server web front end from IBPhoenix. An injection vulnerability exists in IBPhoenix ibWebAdmin 1.0.2 and earlier versions: the parameter p in the file /togglefoldpanel.php in the Tabelas section can lead to a cross-site...

5.3 CVSS | 4.7 AI score | 0.00316 EPSS
Exploits: 0 | References: 5
Microsoft CVE
added 2024/11/01 7:00 a.m. | 2 views

PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)

...

9.8 CVSS | 7 AI score | 0.99987 EPSS
Exploits: 65
OpenVAS
added 2024/10/24 12:00 a.m. | 21 views

Slackware: Security Advisory (SSA:2024-297-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8 CVSS | 8.2 AI score | 0.99987 EPSS
Exploits: 68 | References: 9
Slackware Linux
added 2024/10/23 7:42 p.m. | 25 views

[slackware-security] php81

New php81 packages are available for Slackware 15.0 to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.30-i586-1slack15.0.txz: Upgraded. This update fixes bugs and security issues: Bypass of CVE-2024-4577, Parameter Injection Vulnerability...

9.8 CVSS | 9.9 AI score | 0.99987 EPSS
Exploits: 68
CNVD
added 2024/10/13 12:00 a.m. | 7 views

OFCMS cross-site scripting vulnerability (CNVD-2024-41671)

OFSoft OFCMS is a content management system (CMS) developed by China Zhongtian Network OFSoft using the Java language. OFCMS version 1.1.2 has a cross-site scripting vulnerability, which stems from the file /admin/system/dict/add.json?sqlid=system.dict.save parameter dictvalue on the user-supplie...

5.3 CVSS | 6.5 AI score | 0.00337 EPSS
Exploits: 0 | References: 1
CNVD
added 2024/10/10 12:00 a.m. | 8 views

Siemens SINEC Security Monitor Parameter Injection Vulnerability

SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production processes at customer sites. Siemens SINEC Security Monitor suffers from a parameter injection vulnerability that stems from a failure to properly...

9.9 CVSS | 8.1 AI score | 0.0083 EPSS
Exploits: 0 | References: 1
Positive Technologies
added 2024/10/10 12:00 a.m. | 4 views

PT-2024-39856 · Unknown · Code-Projects Restaurant Reservation System

Name of the Vulnerable Software and Affected Versions: code-projects Restaurant Reservation System version 1.0 Description: A critical vulnerability has been found in the code-projects Restaurant Reservation System. This issue affects an unknown part of the file filter3.php. The manipulation of t...

9.8 CVSS | 8.2 AI score | 0.00663 EPSS
Exploits: 1 | References: 10
CVE
added 2024/10/09 1:13 p.m. | 47 views

CVE-2024-9286

CVE-2024-9286 affects TRtek Software Distant Education Platform prior to 3.2024.11. The vulnerability is an SQL injection/parameter injection due to improper neutralization of special elements in SQL commands, enabling attackers to manipulate queries. Public documents describe the issue across mu...

8.8 CVSS | 5.8 AI score | 0.00351 EPSS
Exploits: 0 | References: 2
CNNVD
added 2024/10/09 12:00 a.m. | 4 views

TRtek Distant Education Platform SQL Injection Vulnerability

TRtek Distant Education Platform is an application from TRtek, Inc. A SQL injection vulnerability exists in TRtek Distant Education Platform versions prior to 3.2024.11, which stems from improper input validation and allows for SQL injection and parameter injection...

8.8 CVSS | 8 AI score | 0.00351 EPSS
Exploits: 0 | References: 3
Cvelist
added 2024/10/08 3:48 a.m. | 38 views

CVE-2024-8926 PHP CGI Parameter Injection Vulnerability (CVE-2024-4577 bypass)

In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 (https://github.com/advisories/GHSA-vxpp-6299-mxw3) may still be bypassed and the same command injection related to Windows...

8.1 CVSS | 0.03686 EPSS
Exploits: 65 | References: 1
Debian CVE
added 2024/10/08 3:48 a.m. | 17 views

CVE-2024-8926

In PHP versions 8.1.* before 8.1.30, 8.2.* before 8.2.24, 8.3.* before 8.3.12, when using certain non-standard configurations of Windows codepages, the fixes for CVE-2024-4577 (https://github.com/advisories/GHSA-vxpp-6299-mxw3) may still be bypassed and the same command injection related to Windows...

8.8 CVSS | 7.3 AI score | 0.03686 EPSS
Exploits: 65
CNNVD
added 2024/10/08 12:00 a.m. | 4 views

ggit Security Vulnerability

ggit is a tool by Gleb Bahmutov, an individual developer. A security vulnerability exists in ggit that stems from not sanitizing user input or validating a given URL scheme, leaving it vulnerable to arbitrary parameter injection attacks...

6.5 CVSS | 6.9 AI score | 0.00577 EPSS
Exploits: 0 | References: 3
CNNVD
added 2024/10/08 12:00 a.m. | 7 views

Siemens SINEC Security Monitor Parameter Injection Vulnerability

SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production processes at customer sites. Siemens SINEC Security Monitor suffers from a parameter injection vulnerability that stems from a failure to properly...

9.9 CVSS | 8.1 AI score | 0.0083 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2024/10/03 12:00 a.m. | 121 views

PHP 8.2.x < 8.2.24 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.30, 8.2.x prior to 8.2.24, or 8.3.x prior to 8.3.12. It is, therefore, affected by multiple vulnerabilities: - Parameter injection vulnerability with a bypass of CVE-2024-4577...

9.8 CVSS | 8.6 AI score | 0.99987 EPSS
Exploits: 68 | References: 5
Tenable Nessus
added 2024/10/03 12:00 a.m. | 88 views

PHP 8.3.x < 8.3.12 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.30, 8.2.x prior to 8.2.24, or 8.3.x prior to 8.3.12. It is, therefore, affected by multiple vulnerabilities: - Parameter injection vulnerability with a bypass of CVE-2024-4577...

9.8 CVSS | 8.6 AI score | 0.99987 EPSS
Exploits: 68 | References: 5
Tenable Nessus
added 2024/10/03 12:00 a.m. | 47 views

PHP 8.1.x < 8.1.30 Multiple Vulnerabilities

According to its self-reported version number, the version of PHP installed on the remote host is 8.1.x prior to 8.1.30, 8.2.x prior to 8.2.24, or 8.3.x prior to 8.3.12. It is, therefore, affected by multiple vulnerabilities: - Parameter injection vulnerability with a bypass of CVE-2024-4577...

9.8 CVSS | 8.6 AI score | 0.99987 EPSS
Exploits: 68 | References: 5
CNNVD
added 2024/10/02 12:00 a.m. | 3 views

XZ Utils Security Vulnerability

XZ Utils is an open source utility program by Tukaani. A security vulnerability exists in XZ Utils version 5.6.2 and earlier versions. An attacker can exploit this vulnerability to perform a parameter injection or directory traversal attack...

6.3 CVSS | 7.1 AI score | 0.00725 EPSS
Exploits: 0 | References: 3