Show filters
298,052 Total Results
Displaying 1-10 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown

CVE-2024-28714

Disclosure Date: March 28, 2024 (last updated March 29, 2024)
SQL Injection vulnerability in CRMEB_Java e-commerce system v.1.3.4 allows an attacker to execute arbitrary code via the groupid parameter.
0
Attacker Value
Unknown

CVE-2024-28456

Disclosure Date: March 28, 2024 (last updated March 29, 2024)
Cross Site Scripting vulnerability in Campcodes Online Marriage Registration System v.1.0 allows a remote attacker to execute arbitrary code via the text fields in the marriage registration request form.
0
Attacker Value
Unknown

CVE-2024-24407

Disclosure Date: March 28, 2024 (last updated March 29, 2024)
SQL Injection vulnerability in Best Courier management system v.1.0 allows a remote attacker to obtain sensitive information via print_pdets.php component.
0
Attacker Value
Unknown

CVE-2023-50969

Disclosure Date: March 28, 2024 (last updated March 29, 2024)
Thales Imperva SecureSphere WAF 14.7.0.40 allows remote attackers to bypass WAF rules via a crafted POST request, a different vulnerability than CVE-2021-45468.
0
Attacker Value
Unknown

CVE-2023-33528

Disclosure Date: March 28, 2024 (last updated March 29, 2024)
halo v1.6.0 is vulnerable to Cross Site Scripting (XSS).
0
Attacker Value
Unknown

CVE-2021-31156

Disclosure Date: March 28, 2024 (last updated March 29, 2024)
Allied Telesis AT-S115 1.2.0 devices before 1.00.024 with Boot Loader 1.00.006 allow Directory Traversal to achieve partial access to data.
0
Attacker Value
Unknown

CVE-2023-25341

Disclosure Date: March 28, 2024 (last updated March 29, 2024)
A Directory Traversal vulnerability in ladle dev server 2.5.1 and earlier allows an attacker on the same network to read files accessible to the user via GET requests.
0
Attacker Value
Unknown

CVE-2024-23727

Disclosure Date: March 28, 2024 (last updated March 29, 2024)
The YI Smart Kami Vision com.kamivision.yismart application through 1.0.0_20231219 for Android allows a remote attacker to execute arbitrary JavaScript code via an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component.
0
Attacker Value
Unknown

CVE-2024-28091

Disclosure Date: March 28, 2024 (last updated March 29, 2024)
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User Defined Service in managed_services_add.asp (the victim must click an X for a deletion).
0
Attacker Value
Unknown

CVE-2024-28090

Disclosure Date: March 28, 2024 (last updated March 29, 2024)
Technicolor TC8715D TC8715D-01.EF.04.38.00-180405-S-FF9-D RSE-TC8717T devices allow a remote attacker within Wi-Fi proximity to conduct stored XSS attacks via User name in dyn_dns.asp.
0