Page 278 of 34762 results (0.028 seconds)

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

A SQL Injection vulnerability in itsourcecode Billing System 1.0 allows a local attacker to execute arbitrary code in process.php via the username parameter. • https://github.com/ganzhi-qcy/cve/issues/3 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. ... This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. • https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 50

This makes it possible for authenticated attackers, with author access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://github.com/Notselwyn/CVE-2024-1086 https://github.com/amalmurali47/git_rce https://github.com/zgzhang/cve-2024-6387-poc https://github.com/acrono/cve-2024-6387-poc https://github.com/amlweems/xzbot https://github.com/h4x0r-dz/CVE-2024-23897 https://github.com/h4x0r-dz/CVE-2024-3400 https://github.com/h4x0r-dz/CVE-2024-21762 https://github.com/h4x0r-dz/CVE-2024-21893.py https://github.com/hakaioffsec/CVE-2024-21338 https://github.com/varwara/CVE • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0

Cross-site scripting (XSS) vulnerability in GUnet OpenEclass E-learning Platform version 3.15 and before allows a authenticated privileged attacker to execute arbitrary code via the title and description fields of the badge template editing function. • https://github.com/FreySolarEye/CVE/blob/master/GUnet%20OpenEclass%20E-learning%20platform%203.15%20-%20%27certbadge.php%27%20Stored%20Cross%20Site%20Scripting • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fuji Electric Tellus Lite. • https://www.cisa.gov/news-events/ics-advisories/icsa-24-165-14 • CWE-787: Out-of-bounds Write •