Page 121 of 35276 results (0.041 seconds)

CVSS: -EPSS: %CPEs: -EXPL: 0

https://blog.chebuya.com/posts/unauthenticated-remote-command-execution-on-byob •

CVSS: 9.4EPSS: 0%CPEs: 1EXPL: 0

This can lead to an RCE. ... Esto puede dar lugar a una RCE. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32188 https://github.com/neuvector/neuvector/security/advisories/GHSA-622h-h2p8-743x • CWE-1270: Generation of Incorrect Security Tokens •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. • https://www.solarwinds.com/trust-center/security-advisories/CVE-2024-45711 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0

dingfanzu CMS V1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the addPro parameter of the component doAdminAction.php which allows a remote attacker to execute arbitrary code Se descubrió que dingfanzu CMS V1.0 contiene Cross-Site Request Forgery (CSRF) a través del parámetro addPro del componente doAdminAction.php que permite a un atacante remoto ejecutar código arbitrario. • https://github.com/Yllxx03/CVE/blob/main/CVE-2024-48758/CVE-2024-48758.md • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0

A Reflected Cross Site Scripting (XSS) vulnerability was found in /trms/listed- teachers.php in PHPGurukul Teachers Record Management System v2.1, which allows remote attackers to execute arbitrary code via "searchinput" POST request parameter. • https://github.com/vkcyberexpert/CVE-Writeup/blob/main/PHPGurukul/Teachers%20Record/Reflected%20XSS.pdf • CWE-94: Improper Control of Generation of Code ('Code Injection') •