Page 461 of 37793 results (0.106 seconds)

CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0

Cross Site Scripting vulnerability in DedeCMS v.5.7.113 allows a remote attacker to execute arbitrary code via the typeid parameter in the makehtml_list_action.php component. • https://gitee.com/zchuanwen/cve/issues/I9HQRY • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: -EPSS: 0%CPEs: -EXPL: 0

Directory Traversal vulnerability in lsgwr spring boot online exam v.0.9 allows an attacker to execute arbitrary code via the FileTransUtil.java component. • https://gist.github.com/Xiqinger/b3cb51f390d408c3c66c66e645ba5ac0 • CWE-26: Path Traversal: '/dir/../filename' •

CVSS: 7.2EPSS: 0%CPEs: -EXPL: 0

This could result in a Remote Code Execution. • https://sensepost.com/blog/2024/from-discovery-to-disclosure-recrystallize-server-vulnerabilities https://www.recrystallize.com/merchant/ReCrystallize-Server-for-Crysta • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.1EPSS: 0%CPEs: -EXPL: 0

Cross Site Scripting vulnerability found in Simplcommerce v.40734964b0811f3cbaf64b6dac261683d256f961 thru 3103357200c70b4767986544e01b19dbf11505a7 allows a remote attacker to execute arbitrary code via a crafted script to the search bar feature. • https://github.com/simplcommerce/SimplCommerce/issues/943 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component. • https://bugs.launchpad.net/solum/+bug/2047505 https://drive.google.com/file/d/11x-6CjWCyap8_W1JpVzun56HQkPNLtWT/view?usp=drive_link https://gist.github.com/Fewword/f098d8d6375ac25e27b18c0e57be532f • CWE-1333: Inefficient Regular Expression Complexity •