Page 125 of 5110 results (0.020 seconds)

CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0

SQL injection vulnerability in Niushop B2B2C v.5.3.3 and before allows an attacker to escalate privileges via the deleteArea() function of the Address.php component. • https://chiggerlor.substack.com/p/cve-2024-28560-cve-2024-28559 https://gitee.com/niushop-team/niushop_b2c_v5 https://v5.niuteam.cn https://www.niushop.com • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

In the Windows installer in Atos Eviden CardOS API before 5.5.5.2811, Local Privilege Escalation can occur. • https://support.bull.com/ols/product/security/psirt/security-bulletins/cardos-api-local-privilege-escalation-psirt-358-tlp-clear-version-2-6-cve-2023-41099/view • CWE-269: Improper Privilege Management •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

SQL injection vulnerability in Best-Kit bestkit_popup v.1.7.2 and before allows a remote attacker to escalate privileges via the bestkit_popup.php component. • https://addons.prestashop.com/en/pop-up/20208-pop-up-schedule-popup-splash-window.html https://security.friendsofpresta.org/modules/2024/03/14/bestkit_popup.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

SQL injection vulnerability in pscartabandonmentpro v.2.0.11 and before allows a remote attacker to escalate privileges via the pscartabandonmentproFrontCAPUnsubscribeJobModuleFrontController::setEmailVisualized() method. • https://addons.prestashop.com/en/remarketing-shopping-cart-abandonment/16535-abandoned-cart-reminder-pro.html https://security.friendsofpresta.org/modules/2024/03/14/pscartabandonmentpro.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

An issue was discovered in tramyardg autoexpress version 1.3.0, allows unauthenticated remote attackers to escalate privileges, update car data, delete vehicles, and upload car images via authentication bypass in uploadCarImages.php. • https://packetstormsecurity.com/files/177661/Tramyardg-Autoexpress-1.3.0-Authentication-Bypass.html • CWE-269: Improper Privilege Management •