□ CVE-2024-0475A vulnerability, which was classified as critical, has been found in code-projects Dormitory Management System 1.0. □ CVE-2024-22137Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MailMunch Constant Contact Forms by MailMunch allows Stored XSS.This issue affects Constant Contact Forms by MailMunch: from n/a through 00:37:24 □ CVE-2023-51961Tenda AX1803 v1.0.0.1 contains a stack overflow via the parameter in the function 00:37:25 □ CVE-2023-51966Tenda AX1803 v1.0.0.1 contains a stack overflow via the parameter in the function 01:37:24 □ CVE-2023-51955Tenda AX1803 v1.0.0.1 contains a stack overflow via the parameter in the function 01:37:25 □ CVE-2023-46805An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control 01:37:32 □ CVE-2024-21887A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the 02:07:24 □ CVE-2023-33472An issue was discovered in Scada-LTS v2.7.5.2 build 4551883606 and before, allows remote attackers with low-level authentication to escalate privileges, execute arbitrary code, and obtain sensitive information via Event Handlers 02:07:25 A weak HMAC secret poses a risk because attackers can use the predictable secret to create valid JSON Web Tokens (JWTs), allowing them access to important information and actions within the 02:37:24 The HMAC secret used for generating tokens is hardcoded as "secret". □ CVE-2023-46943An issue was discovered in NPM's package before version 1.0.0-rc.8. □ CVE-2023-51062An unauthenticated log file read in the component log-smblog-save of QStar Archive Solutions RELEASE_3-0 Build 7 Patch 0 allows attackers to disclose the SMB Log contents via executing a crafted 02:37:25 □ CVE-2023-51064QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was discovered to contain a DOM Based reflected XSS vulnerability within the component 04:37:24 □ CVE-2023-51067An unauthenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive Solutions Release RELEASE_3-0 Build 7 allows attackers to execute arbitrary javascript on a victim's browser via a crafted 04:37:25
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |