14 matches found
The vulnerability of the “Export/Import Products to Excel” plugin, which exists due to the lack of protective measures for the website structure, allows attackers to carry out XSS attacks.
The vulnerability of the “Export/Import Products to Excel” plugin exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
CVE-2025-1050
Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of...
The vulnerability of D-Link DIR-816 router microprogramming software, related to the lack of protective measures for website structures, allows attackers to perform cross-site scripting (XSS) attacks.
The vulnerability of D-Link DIR-816 router’s microprogramming software is related to the lack of measures taken to protect the website structure during the processing of SSID identifiers. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS remotely...
CVE-2022-28668
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.9.2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
The vulnerability of the Fields plugin in the GLPI system for managing requests, incidents, and inventory of computer equipment arises from the lack of protection for the SQL query structure. This allows attackers to execute arbitrary SQL code.
The vulnerability of the Fields plugin in the GLPI system for managing requests, incidents, and inventory of computer equipment is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL code remotely...
The vulnerability of the centreon-web component of the Centreon software for monitoring IT infrastructure allows a perpetrator to enhance their privileges and execute arbitrary code.
The vulnerability of the centreon-web component of the IT infrastructure monitoring software lies in the lack of protective measures for the SQL query structure. This allows attackers to enhance their privileges and execute arbitrary code using a specially created SQL query...
The vulnerability of the MXSecurity software platform for managing security in industrial networks lies in its failure to protect the SQL query structure. This allows attackers to execute arbitrary commands and gain unauthorized access to protected information.
The vulnerability of the MXSecurity software platform for managing security in industrial networks stems from the lack of protective measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands and gain unauthorized access to protected...
The vulnerability of Adobe Experience Manager’s content and media data management system, related to the lack of measures taken to protect the structure of web pages, allows attackers to execute arbitrary JavaScript code in the user’s browser.
The vulnerability of the Adobe Experience Manager content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code in the user’s browser using a specially crafted...
The vulnerability of the McAfee ePolicy Orchestrator console for managing enterprise security integrated solutions arises from the lack of protection for the website structure. This allows attackers to execute a cross-site scripting attack.
The vulnerability of the McAfee ePolicy Orchestrator console for managing enterprise security integrated solutions is related to the lack of protective measures for the website structure. Exploiting this vulnerability could allow a malicious actor to execute a cross-site scripting attack remotely...
The vulnerability in the web-based management interface of Cisco SD-WAN allows a attacker to execute cross-site attacks.
The vulnerability in the Cisco SD-WAN programmatically-defined network management web interface is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...
Information Disclosure
kernel is vulnerable to information disclosure. A flaw was found in the tcfactpolicedump function in the Linux kernel network traffic policing implementation. A data structure in tcfactpolicedump was not initialized properly before being copied to user-space. A local, unprivileged user could use...
The vulnerability of the Etlas electronic document management system allows a perpetrator to execute arbitrary codes.
The vulnerability of the Etlas e-mail processing system exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the user’s browser by placing it in the “Description” field when creating ...
The vulnerability of the NVBUPhaseStatus Count request handler in the NetVault Backup software allows a attacker to execute arbitrary code.
The vulnerability of the NVBUPhaseStatus Count processing component in NetVault Backup software relates to insufficient protection of the SQL query structure. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
The vulnerability of the “/com.sapportals.navigation.testComponent.NavigationRequestSniffer” component of the SAP NetWeaver software integration platform allows a hacker to inject any HTML tags into a page.
The vulnerability of the “/com.sapportals.navigation.testComponent.NavigationRequestSniffer” component of the SAP NetWeaver software integration platform exists due to the lack of measures taken to protect the structure of web pages. This vulnerability allows a malicious actor to inject arbitrary...