Page 474 of 45888 results (0.071 seconds)

CVSS: 6.1EPSS: 0%CPEs: -EXPL: 1

Cross Site Scripting (XSS) in Beekeeper Studio 4.1.13 and earlier allows remote attackers to execute arbitrary code in the column name of a database table in tabulator-popup-container. • https://github.com/EQSTLab/CVE-2024-23995 https://github.com/EQSTLab/PoC/blob/main/2024/RCE/CVE-2024-23995/README.md https://www.beekeeperstudio.io • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: -EXPL: 0

Cross Site Scripting vulnerability in Jfinalcms v.5.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the friendship link component. • https://github.com/yukino-hiki/CVE/blob/main/4/There%20is%20a%20stored%20xss%20at%20the%20friendship%20link.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

An SSRF issue in the PDFMyURL service allows a remote attacker to obtain sensitive information and execute arbitrary code via a POST request in the url parameter Un problema SSRF en el servicio PDFMyURL permite a un atacante remoto obtener información confidencial y ejecutar código arbitrario mediante una solicitud POST en el parámetro URL • https://grumpz.net/uncovering-an-ssrf-vulnerability-in-pdfmyurl-affecting-numerous-users https://pdfmyurl.com • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 8.0EPSS: 0%CPEs: -EXPL: 0

SQL Injection vulnerability in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the manageQuantitiesAndProcurement method of the Orders_model.php component. • https://gist.github.com/LioTree/5c963a37e2c335c22e74ca3d9aea32bb https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/d22b54e8915f167a135046ceb857caaf8479c4da https://liotree.github.io/2023/Ecommerce-CodeIgniter-Bootstrap.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0

An issue in Ecommerce-CodeIgniter-Bootstrap commit v. d22b54e8915f167a135046ceb857caaf8479c4da allows a remote attacker to execute arbitrary code via the saveLanguageFiles method of the Languages.php component. • https://gist.github.com/LioTree/f83e25b2c5e144c0b3ad8919e6483c7a https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/d22b54e8915f167a135046ceb857caaf8479c4da https://liotree.github.io/2023/Ecommerce-CodeIgniter-Bootstrap.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •