Page 4 of 8839 results (0.062 seconds)

CVSS: 5.3EPSS: 0%CPEs: -EXPL: 1

A vulnerability was found in 115cms up to 20240807 and classified as problematic. This issue affects some unknown processing of the file /app/admin/view/web_user.html. The manipulation of the argument ks leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Hebing123/cve/issues/70 https://vuldb.com/?ctiid.285503 https://vuldb.com/?id.285503 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code Las versiones 6.x a Infinity 24.1.1 de Pega Platform se ven afectadas por un problema con el control inadecuado de la generación de código • https://support.pega.com/support-doc/pega-security-advisory-d24-vulnerability-remediation-note • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

In combination with other gadgets, this can lead to arbitrary code execution. • https://developer.android.com/jetpack/androidx/releases/car-app#1.7.0-beta03 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-502: Deserialization of Untrusted Data •

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

Processing maliciously crafted web content may lead to arbitrary code execution. ... Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to arbitrary code execution. • https://support.apple.com/en-us/121752 https://support.apple.com/en-us/121753 https://support.apple.com/en-us/121754 https://support.apple.com/en-us/121755 https://support.apple.com/en-us/121756 •

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

This could lead to local arbitrary code execution with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-07-01 • CWE-787: Out-of-bounds Write •