Page 22 of 47241 results (0.389 seconds)

CVSS: -EPSS: 0%CPEs: -EXPL: 0

H3C GR-1800AX MiniGRW1B0V100R007 is vulnerable to remote code execution (RCE) via the aspForm parameter. • http://tjr181.com/2024/11/08/H3C%20GR-1800AX •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

An arbitrary file upload vulnerability in the component /admin/friendlink_edit of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file. • https://co-a1natas.feishu.cn/docx/Zsd9dnGUvoBW6tx0G5fcVx6vnBb https://github.com/DedeBIZ/DedeV6 •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

An arbitrary file upload vulnerability in the component /admin/file_manage_control of DedeBIZ v6.3.0 allows attackers to execute arbitrary code via uploading a crafted file. • https://co-a1natas.feishu.cn/docx/Zsd9dnGUvoBW6tx0G5fcVx6vnBb https://github.com/DedeBIZ/DedeV6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • source=cve https://plugins.trac.wordpress.org/changeset/3192738/contest-code-checker/trunk/free/admin/prizes/class-prizes-table.php • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

An app may be able to execute arbitrary code with kernel privileges. • https://support.apple.com/en-us/120911 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •