Search Results | AttackerKB

Show filters

Topics 5,937 Users 9,730

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

5,937 Total Results

Displaying 151-160 of 5,937

Attacker Value

Unknown

CVE-2024-11999

Disclosure Date: December 17, 2024 (last updated December 18, 2024)

CWE-1104: Use of Unmaintained Third-Party Components vulnerability exists that could cause complete control of the device when an authenticated user installs malicious code into HMI product.

0

Attacker Value

Unknown

CVE-2024-55988

Disclosure Date: December 16, 2024 (last updated December 18, 2024)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Amol Nirmala Waman Navayan CSV Export allows Blind SQL Injection.This issue affects Navayan CSV Export: from n/a through 1.0.9.

0

Attacker Value

Unknown

CVE-2024-54417

Disclosure Date: December 16, 2024 (last updated December 18, 2024)

Missing Authorization vulnerability in Pixelgrade PixProof allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects PixProof: from n/a through 2.0.1.

0

Attacker Value

Unknown

CVE-2024-54409

Disclosure Date: December 16, 2024 (last updated December 18, 2024)

Cross-Site Request Forgery (CSRF) vulnerability in fzmaster @ XPD XPD Reduce Image Filesize allows Stored XSS.This issue affects XPD Reduce Image Filesize: from n/a through 1.0.

0

Attacker Value

Unknown

CVE-2024-54305

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in woocs J&T Express Malaysia allows Reflected XSS.This issue affects J&T Express Malaysia: from n/a through 2.0.13.

0

Attacker Value

Unknown

CVE-2024-54262

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Unrestricted Upload of File with Dangerous Type vulnerability in Siddharth Nagar Import Export For WooCommerce allows Upload a Web Shell to a Web Server.This issue affects Import Export For WooCommerce: from n/a through 1.5.

0

Attacker Value

Unknown

CVE-2024-54231

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in anzia Ni WooCommerce Order Export allows Reflected XSS.This issue affects Ni WooCommerce Order Export: from n/a through 3.1.6.

0

Attacker Value

Unknown

CVE-2022-47182

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Missing Authorization vulnerability in Wpexpertsio APIExperts Square for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects APIExperts Square for WooCommerce: from n/a through 4.4.1.

0

Attacker Value

Unknown

CVE-2022-46811

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Missing Authorization vulnerability in VillaTheme(villatheme.com) ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ALD – Dropshipping and Fulfillment for AliExpress and WooCommerce: from n/a through 1.0.21.

0

Attacker Value

Unknown

CVE-2024-4109

Disclosure Date: December 12, 2024 (last updated January 17, 2025)

Rejected reason: Red Hat Product Security has determined that this CVE is not a security vulnerability.

0