363816 matches found
CVE-2023-6978
The WP Job Manager – Company Profiles plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'company' parameter in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inje...
CVE-2024-49411
Path Traversal in ThemeCenter prior to SMR Dec-2024 Release 1 allows physical attackers to copy apk files to arbitrary path with ThemeCenter privilege...
CVE-2024-49360
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. An authenticated user UserA with no privileges is authorized to read all files created in sandbox belonging to other users in the sandbox folders C:\Sandbox\UserB\xxx. An authenticated attack...
CVE-2024-10878
The Sugar Calendar – Simple Event Management plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 3.3.0. This makes it possible for unauthenticated attacker...
CVE-2024-52309
SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. One powerful feature of SFTPGo is the ability to have the EventManager execute scripts or run applications in response to certain events. This feature is very common in...
CVE-2024-9828
The Taskbuilder WordPress plugin before 3.0.5 does not sanitize user input into the 'loadorders' parameter and uses it in a SQL statement, allowing high privilege users such as admin to perform SQL Injection attacks...
CVE-2024-53084
In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Break an object reference loop When remaining resources are being cleaned up on driver close, outstanding VM mappings may result in resources being leaked, due to an object reference loop, as shown below, with ea...
CVE-2024-53072
In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Detect when STB is not available Loading the amdpmc module as: amdpmc enablestb=1 ...can result in the following messages in the kernel ring buffer: amdpmc AMDI0009:00: SMU cmd failed. err: 0xff ioremap on R...
CVE-2024-9500
A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...
CVE-2024-45610
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An unauthenticated user can provide a malicious link to a GLPI technician in order to exploit a reflected XSS vulnerability located in the Cable form...
CVE-2024-52528
Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens, which allows attackers to bypass intended restrictions. This vulnerability is fixed in 1.5.2...
CVE-2021-34752
A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of...
CVE-2023-0737
wallabag version 2.5.2 contains a Cross-Site Request Forgery CSRF vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in version 2.5.4...
CVE-2024-52374
Unrestricted Upload of File with Dangerous Type vulnerability in DoThatTask Do That Task do-that-task allows Upload a Web Shell to a Web Server.This issue affects Do That Task: from n/a through = 1.5.5...
CVE-2024-11213
A vulnerability, which was classified as critical, was found in SourceCodester Best Employee Management System 1.0. This affects an unknown part of the file /admin/editrole.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit...
CVE-2024-52298
macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The PDF Viewer macro allows an attacker to view any attachment using the "Delegate my view right" feature as long as the attacker can view a page whose last author has access to the attachment. For this, the attacker only needs...
CVE-2024-10629
The GPX Viewer plugin for WordPress is vulnerable to arbitrary file creation due to a missing capability check and file type validation in the gpxvfileupload function in all versions up to, and including, 2.2.9. This makes it possible for authenticated attackers, with subscriber-level access and...
CVE-2024-49048
TorchGeo Remote Code Execution Vulnerability...
CVE-2024-10958
The The WP Photo Album Plus plugin for WordPress is vulnerable to arbitrary shortcode execution via getshortcodedrenderedfenodelay AJAX action in all versions up to, and including, 8.8.08.007 . This is due to the software allowing users to execute an action that does not properly validate a value...
CVE-2024-52004
MediaCMS is an open source video and media CMS, written in Python/Django and React, featuring a REST API. MediaCMS has been prone to vulnerabilities that upon special cases can lead to remote code execution. All versions before v4.1.0 are susceptible, and users are highly recommended to...
CVE-2024-9307
The mFolio Lite plugin for WordPress is vulnerable to file uploads due to a missing capability check in all versions up to, and including, 1.2.1. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute...
CVE-2024-51493
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.2 contain a vulnerability that allows an attacker that has gained temporary control over an authenticated victim's OctoPrint browser session to retrieve/recreate/delete the user...
CVE-2024-34891
Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to read Exchange account passwords via HTTP GET request...
CVE-2024-10750
A vulnerability has been found in Tenda i22 1.0.0.34687 and classified as problematic. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV?fgHPOST/goform/SysToo. The manipulation of the argument Content-Length leads to null pointer dereference. The attack can ...
CVE-2024-10748
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument...
CVE-2024-49256
Incorrect Authorization vulnerability in WP Chill Htaccess File Editor htaccess-file-editor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Htaccess File Editor: from n/a through = 1.0.18...
CVE-2024-47317
Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded.This issue affects Ads by WPQuads: from n/a through = 2.0.84...
CVE-2024-43154
Missing Authorization vulnerability in BracketSpace Advanced Cron Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Cron Manager – debug & control: from n/a through 2.5.9...
CVE-2024-39719
An issue was discovered in Ollama through 0.3.14. File existence disclosure can occur via api/create. When calling the CreateModel route with a path parameter that does not exist, it reflects the "File does not exist" error message to the attacker, providing a primitive for file existence on the...
CVE-2024-50623
In Cleo Harmony before 5.8.0.21, VLTrader before 5.8.0.21, and LexiCom before 5.8.0.21, there is an unrestricted file upload and download that could lead to remote code execution...
CVE-2024-49682
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in wp.insider Simple Membership simple-membership allows Phishing.This issue affects Simple Membership: from n/a through = 4.5.3...
CVE-2024-47387
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Search Atlas Group Search Atlas SEO metasync allows Stored XSS.This issue affects Search Atlas SEO: from n/a through = 1.8.2...
CVE-2024-25707
There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted string which could potentially execute arbitrary JavaScript code in the their own browser Self XSS. A...
CVE-2024-9405
An incorrect limitation of a path to a restricted directory path traversal has been detected in Pluck CMS, affecting version 4.7.18. An unauthenticated attacker could extract sensitive information from the server via the absolute path of a file located in the same directory or subdirectory as the...
CVE-2024-45496
A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone container is run with a privileged security context, allowing unrestricted access to the node. An...
CVE-2024-45801
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. It has been discovered that malicious HTML using special nesting techniques can bypass the depth checking added to DOMPurify in recent releases. It was also possible to use Prototype Pollution to weaken the...
CVE-2024-6656
Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sensitive Strings Within an Executable. This issue affects Cockpit Software: before v2.13...
CVE-2024-8664
The WP Test Email plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.1.7. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...
CVE-2024-45851
An arbitrary code execution vulnerability exists in versions 23.10.5.0 up to 24.7.4.1 of the MindsDB platform, when the Microsoft SharePoint integration is installed on the server. For databases created with the SharePoint engine, an ‘INSERT’ query can be used for list item creation. If such a...
CVE-2024-40655
In bindAndGetCallIdentification of CallScreeningServiceHelper.java, there is a possible way to maintain a while-in-use permission in the background due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is...
CVE-2024-7770
The Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'upload' function in all versions up to, and including, 6.5.5. This makes it possible for authenticated...
CVE-2024-43647
A vulnerability has been identified in SIMATIC S7-200 SMART CPU CR40 6ES7288-1CR40-0AA0 All versions, SIMATIC S7-200 SMART CPU CR60 6ES7288-1CR60-0AA0 All versions, SIMATIC S7-200 SMART CPU SR20 6ES7288-1SR20-0AA0 All versions, SIMATIC S7-200 SMART CPU SR20 6ES7288-1SR20-0AA1 All versions, SIMATI...
CVE-2024-45406
Craft is a content management system CMS. Craft CMS 5 stored XSS can be triggered by the breadcrumb list and title fields with user input...
CVE-2024-45075
IBM webMethods Integration 10.15 could allow an authenticated user to create scheduler tasks that would allow them to escalate their privileges to administrator due to missing authentication...
CVE-2024-1056
The FunnelKit Funnel Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'allowiframetaginpost' function which uses the 'wpksesallowedhtml' filter to globally allow script and iframe tags in posts in all versions up to, and including, 3.4.5. This makes it possibl...
CVE-2024-7720
HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries...
CVE-2024-43265
Cross-Site Request Forgery CSRF vulnerability in Analytify.This issue affects Analytify: from n/a through 5.3.1...
CVE-2024-45256
An arbitrary file write issue in the exfiltration endpoint in BYOB Build Your Own Botnet 2.0 allows attackers to overwrite SQLite databases and bypass authentication via an unauthenticated HTTP request with a crafted parameter. This occurs in fileadd in api/files/routes.py...
CVE-2024-43787
Hono is a Web application framework that provides support for any JavaScript runtime. Hono CSRF middleware can be bypassed using crafted Content-Type header. MIME types are case insensitive, but isRequestedByFormElementRe only matches lower-case. As a result, attacker can bypass csrf middleware...
CVE-2024-43411
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 and above. In a highly unlikely scenario where an attacker gains control over the https://cke4.ckeditor.com domain, they could potentially execute an attack on...