Page 95 of 35152 results (0.087 seconds)

CVSS: 8.8EPSS: 0%CPEs: -EXPL: 0

SQL injection vulnerability in employee-management-system-php-and-mysql-free-download.html taskmatic 1.0 allows a remote attacker to execute arbitrary code via the admin_id parameter of the /update-employee.php component. • https://gitee.com/lssrain/taskmatic/issues/IAUXOL • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 9.8EPSS: 0%CPEs: -EXPL: 1

angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. ... This leads to the execution of previously uploaded content and enables the attacker to achieve code execution on the server. • https://github.com/rvizx/CVE-2024-42640 https://github.com/adonespitogo/angular-base64-upload https://www.zyenra.com/blog/unauthenticated-rce-in-angular-base64-upload.html • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •

CVSS: 7.8EPSS: 0%CPEs: -EXPL: 0

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tungsten Automation Power PDF. ... An attacker can leverage this vulnerability to execute code in the context of the current process. •