364619 matches found
CVE-2022-37109
patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when...
CVE-2022-39273
FlyteAdmin is the control plane for the data processing platform Flyte. Users who enable the default Flyte’s authorization server without changing the default clientid hashes will be exposed to the public internet. In an effort to make enabling authentication easier for Flyte administrators, the...
CVE-2021-20031
A Host Header Redirection vulnerability in SonicOS potentially allows a remote attacker to redirect firewall management users to arbitrary web domains...
CVE-2021-35212
An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user...
CVE-2020-13154
Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users to discover the File Protection password via a getFileProtectionSettings call to AjaxServlet...
CVE-2019-13977
index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&idx=create&userid=0&bgrp=y, tg=delegat, tg=site&idx=create, tg=site&item=4, tg=admdir&idx=mdb&id=1, tg=notes&idx=Create, tg=admfaqs&idx=Add, or tg=admoc&idx=addoc&item=...
CVE-2009-3042
SQL injection vulnerability in machine.php in Open Computer and Software OCS Inventory NG 1.02.1 allows remote attackers to execute arbitrary SQL commands via the systemid parameter, a different vector than CVE-2009-3040...
CVE-2026-40129
Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially crafted inputs to the application. If processed by the application, this input could be delivered to users subscribed to the channel and result ...
CVE-2021-47939
Evolution CMS 3.1.6 contains a remote code execution vulnerability that allows authenticated users with module creation permissions to execute arbitrary system commands by injecting PHP code into module parameters. Attackers can send POST requests to /manager/index.php with malicious PHP code in...
CVE-2023-53950
InnovaStudio WYSIWYG Editor 5.4 contains an unrestricted file upload vulnerability that allows attackers to bypass file extension restrictions through filename manipulation. Attackers can upload malicious ASP shells by using null byte techniques and alternate file extensions to circumvent upload...
CVE-2025-62412
LibreNMS is a community-based GPL-licensed network monitoring system. The alert rule name in the Alerts Alert Rules page is not properly sanitized, and can be used to inject HTML code. This vulnerability is fixed in 25.10.0...
CVE-2025-58369
fs2 is a compositional, streaming I/O library for Scala. Versions up to and including 2.5.12, 3.0.0-M1 through 3.12.2, and 3.13.0-M1 through 3.13.0-M6 are vulnerable to denial of service attacks though TLS sessions using fs2-io on the JVM using the fs2.io.net.tls package. When establishing a TLS...
CVE-2025-49736
The ui performs the wrong action in Microsoft Edge for Android allows an unauthorized attacker to perform spoofing over a network...
CVE-2025-53673
Jenkins Sensedia Api Platform tools Plugin 1.0 stores the Sensedia API Manager integration token unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...
CVE-2025-41441
Mailform Pro CGI prior to 4.3.4 generates error messages containing sensitive information, which may allow a remote unauthenticated attacker to obtain coupon codes. This vulnerability only affects products that use the coupon feature...
CVE-2025-31137
React Router is a multi-strategy router for React bridging the gap from React 18 to React 19. There is a vulnerability in Remix/React Router that affects all Remix 2 and React Router 7 consumers using the Express adapter. Basically, this vulnerability allows anyone to spoof the URL used in an...
CVE-2024-8474
OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic...
CVE-2024-12792
A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file newadmin.php. The manipulation of the argument email leads to sql injection. The attack can be launched remotely. The exploit has been disclosed...
CVE-2024-52342
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Offshorent Solutions Pvt Ltd OS BXSlider os-bxslider allows Stored XSS.This issue affects OS BXSlider: from n/a through = 2.6...
CVE-2024-49039
Windows Task Scheduler Elevation of Privilege Vulnerability...
CVE-2024-45850
An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for site column creation. If such a...
CVE-2024-39628
Cross-Site Request Forgery CSRF vulnerability in Saturday Drive Ninja Forms allows Cross Site Request Forgery.This issue affects Ninja Forms: from n/a through 3.8.6...
CVE-2024-8131
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814 and classified as critical. Affected by thi...
CVE-2024-7506
A vulnerability has been found in itsourcecode Tailoring Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /setlogo.php. The manipulation of the argument bgimg leads to unrestricted upload. The attack can be launched remotely...
CVE-2024-40624
TorrentPier is an open source BitTorrent Public/Private tracker engine, written in php. In torrentpier/library/includes/functions.php, gettracks uses the unsafe native PHP serialization format to deserialize user-controlled cookies. One can use phpggc and the chain Guzzle/FW1 to write PHP code to...
CVE-2024-20701
SQL Server Native Client OLE DB Provider Remote Code Execution Vulnerability...
CVE-2024-26015
An incorrect parsing of numbers with different radices vulnerability CWE-1389 in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit a...
CVE-2024-31890
IBM i 7.3, 7.4, and 7.5 product IBM TCP/IP Connectivity Utilities for i contains a local privilege escalation vulnerability. A malicious actor with command line access to the host operating system can elevate privileges to gain root access to the host operating system. IBM X-Force ID: 288171...
CVE-2023-24204
SQL injection vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitrary code via the name parameter in get-quote.php...
CVE-2023-37325
D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The...
CVE-2024-33851
phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based timing leak in Point addition. This is related to phpecc/phpecc on GitHub, and the Matyas Danter ECC library...
CVE-2023-48777
Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1...
CVE-2024-28117
Grav is an open-source, flat-file content management system. Prior to version 1.7.45, Grav validates accessible functions through the Utils::isDangerousFunction function, but does not impose restrictions on twig functions like twigarraymap, allowing attackers to bypass the validation and execute...
CVE-2023-51653
Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is /api/monitor/detect. If there is a URL field, the address will be used by default. When the URL is...
CVE-2023-25989
Cross-Site Request Forgery CSRF vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading...
CVE-2023-4506
The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 4.1.10. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative access an...
CVE-2023-41327
WireMock is a tool for mocking HTTP services. WireMock can be configured to only permit proxying and therefore recording to certain addresses. This is achieved via a list of allowed address rules and a list of denied address rules, where the allowed list is evaluated first. Until WireMock Webhook...
CVE-2023-0934
Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.5...
CVE-2022-23553
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows URL access filter bypass. This issue has been fixed in version 1.10.4. There are no known workarounds...
CVE-2022-20486
In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-38531
FPT G-97RG6M R4.2.98.035 and G-97RG3 R4.2.43.078 are vulnerable to Remote Command Execution in the ping function...
CVE-2022-37112
BlueCMS 1.6 has SQL injection in line 55 of admin/model.php...
CVE-2022-31033
The Mechanize library is used for automating interaction with websites. Mechanize automatically stores and sends cookies, follows redirects, and can follow links and submit forms. In versions prior to 2.8.5 the Authorization header is leaked after a redirect to a different port on the same site...
CVE-2021-43960
Lorensbergs Connect2 3.13.7647.20190 is affected by an XSS vulnerability. Exploitation requires administrator privileges and is performed through the Wizard editor of the application. The attack requires an administrator to go into the Wizard editor and enter an XSS payload within the Page title,...
CVE-2021-33816
The website builder module in Dolibarr 13.0.2 allows remote PHP code execution because of an incomplete protection mechanism in which system, exec, and shellexec are blocked but backticks are not blocked...
CVE-2021-24683
The Weather Effect WordPress plugin before 1.3.4 does not have any CSRF checks in place when saving its settings, and do not validate or escape them, which could lead to Stored Cross-Site Scripting issue...
CVE-2021-20589
Buffer access with incorrect length value vulnerability in GOT2000 series GT27 model communication driver versions 01.19.000 through 01.38.000, GT25 model communication driver versions 01.19.000 through 01.38.000, GT23 model communication driver versions 01.19.000 through 01.38.000 and GT21 model...
CVE-2021-20083
Improperly Controlled Modification of Object Prototype Attributes 'Prototype Pollution' in jquery-plugin-query-object 2.2.3 allows a malicious user to inject properties into Object.prototype...
CVE-2021-21298
Node-Red is a low-code programming for event-driven applications built using nodejs. Node-RED 1.2.7 and earlier has a vulnerability which allows arbitrary path traversal via the Projects API. If the Projects feature is enabled, a user with projects.read permission is able to access any file via t...
CVE-2026-46764
The Event Log detail endpoint GET /api/v2/eventLogs/eventlogid in Apache Airflow fetched audit-log rows directly by numeric ID after only the generic Audit Log permission check, while the collection endpoint GET /api/v2/eventLogs applied per-Dag scoping. An authenticated UI/API user with audit-lo...