Show filters
623 Total Results
Displaying 121-130 of 623
Sort by:
Attacker Value
Unknown
CVE-2024-5619
Disclosure Date: July 18, 2024 (last updated February 26, 2025)
Authorization Bypass Through User-Controlled Key vulnerability in PruvaSoft Informatics Apinizer Management Console allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Apinizer Management Console: before 2024.05.1.
0
Attacker Value
Unknown
CVE-2024-5618
Disclosure Date: July 18, 2024 (last updated February 26, 2025)
Incorrect Permission Assignment for Critical Resource vulnerability in PruvaSoft Informatics Apinizer Management Console allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Apinizer Management Console: before 2024.05.1.
0
Attacker Value
Unknown
CVE-2024-37934
Disclosure Date: July 09, 2024 (last updated February 26, 2025)
Improper Control of Generation of Code ('Code Injection') vulnerability in Saturday Drive Ninja Forms allows Code Injection.This issue affects Ninja Forms: from n/a through 3.8.4.
0
Attacker Value
Unknown
CVE-2024-0949
Disclosure Date: June 27, 2024 (last updated February 26, 2025)
Improper Access Control, Missing Authorization, Incorrect Authorization, Incorrect Permission Assignment for Critical Resource, Missing Authentication, Weak Authentication, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Talya Informatics Elektraweb allows Exploiting Incorrectly Configured Access Control Security Levels, Manipulating Web Input to File System Calls, Embedding Scripts within Scripts, Malicious Logic Insertion, Modification of Windows Service Configuration, Malicious Root Certificate, Intent Spoof, WebView Exposure, Data Injected During Configuration, Incomplete Data Deletion in a Multi-Tenant Environment, Install New Service, Modify Existing Service, Install Rootkit, Replace File Extension Handlers, Replace Trusted Executable, Modify Shared File, Add Malicious File to Shared Webroot, Run Software at Logon, Disable Security Software.This issue affects Elektraweb: before v17.0.68.
0
Attacker Value
Unknown
CVE-2024-0947
Disclosure Date: June 27, 2024 (last updated February 26, 2025)
Reliance on Cookies without Validation and Integrity Checking vulnerability in Talya Informatics Elektraweb allows Session Credential Falsification through Manipulation, Accessing/Intercepting/Modifying HTTP Cookies, Manipulating Opaque Client-based Data Tokens.This issue affects Elektraweb: before v17.0.68.
0
Attacker Value
Unknown
CVE-2022-45803
Disclosure Date: June 21, 2024 (last updated February 26, 2025)
Missing Authorization vulnerability in Nikolay Strikhar WordPress Form Builder Plugin – Gutenberg Forms.This issue affects WordPress Form Builder Plugin – Gutenberg Forms: from n/a through 2.2.8.3.
0
Attacker Value
Unknown
CVE-2023-38393
Disclosure Date: June 19, 2024 (last updated February 26, 2025)
Missing Authorization vulnerability in Saturday Drive Ninja Forms.This issue affects Ninja Forms: from n/a through 3.6.25.
0
Attacker Value
Unknown
CVE-2023-51524
Disclosure Date: June 12, 2024 (last updated February 26, 2025)
Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.18.
0
Attacker Value
Unknown
CVE-2024-23521
Disclosure Date: June 11, 2024 (last updated February 26, 2025)
Missing Authorization vulnerability in Happyforms.This issue affects Happyforms: from n/a through 1.25.10.
0
Attacker Value
Unknown
CVE-2024-35747
Disclosure Date: June 10, 2024 (last updated February 26, 2025)
Improper Restriction of Excessive Authentication Attempts vulnerability in wpdevart Contact Form Builder, Contact Widget allows Functionality Bypass.This issue affects Contact Form Builder, Contact Widget: from n/a through 2.1.7.
0
