Page 132 of 3552 results (0.047 seconds)

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods. • https://security.friendsofpresta.org/modules/2023/12/07/sturls.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability in Buy Addons bavideotab before version 1.0.6, allows attackers to escalate privileges and obtain sensitive information via the component BaVideoTabSaveVideoModuleFrontController::run(). • https://security.friendsofpresta.org/modules/2023/12/07/bavideotab.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piobe command to escalate privileges or cause a denial of service. • https://exchange.xforce.ibmcloud.com/vulnerabilities/267968 https://www.ibm.com/support/pages/node/7095022 •

CVSS: 8.4EPSS: 0%CPEs: 3EXPL: 0

IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges or cause a denial of service. • https://exchange.xforce.ibmcloud.com/vulnerabilities/267972 https://www.ibm.com/support/pages/node/7095022 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 3

PDF24 Creator versions 11.15.1 and below suffer from a local privilege escalation vulnerability via the MSI installer. • http://packetstormsecurity.com/files/176206/PDF24-Creator-11.15.1-Local-Privilege-Escalation.html http://seclists.org/fulldisclosure/2023/Dec/18 https://sec-consult.com/vulnerability-lab/advisory/local-privilege-escalation-via-msi-installer-in-pdf24-creator-geek-software-gmbh •