A vulnerability has been found in Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 and classified as critical. Affected by this vulnerability is an unknown functionality of th...

Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code....

A vulnerability was found in SourceCodester File Manager App 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/update-file.php. The manipulation of t...

Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerabil...

An SQL injection vulnerability exists in the BIG-IP Next Central Manager API (URI). Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated

A missing authentication for critical function in Fortinet FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.14, FortiPAM version 1.2.0, 1.1.0 thro...

An unauthenticated remote attacker can write memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.

An unauthenticated remote attacker can perform a remote code execution due to an origin validation error. The access is limited to the service user.

An unauthenticated remote attacker can modify configurations to perform a remote code execution, gain root rights or perform an DoS due to improper input validation.

iDRAC9, versions prior to 7.00.00.172 for 14th Generation and 7.10.50.00 for 15th and 16th Generations, contains a session hijacking vulnerability in IPMI. A remote attacker could potentially exploit ...

Missing Authorization vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.2.5.9.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Sitepact.This issue affects Sitepact: from n/a through 1.0.5.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Joel Starnes postMash – custom post order.This issue affects postMash – custom post order: from n/...

Unrestricted Upload of File with Dangerous Type vulnerability in SYSBASICS WooCommerce Easy Checkout Field Editor, Fees & Discounts.This issue affects WooCommerce Easy Checkout Field Editor, Fees & Di...

Unrestricted Upload of File with Dangerous Type vulnerability in Skymoonlabs MoveTo.This issue affects MoveTo: from n/a through 6.2.

Missing Authorization vulnerability in Skymoonlabs MoveTo.This issue affects MoveTo: from n/a through 6.2.

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Skymoonlabs MoveTo.This issue affects MoveTo: from n/a through 6.2.

ChurchCRM 5.5.0 FRCatalog.php is vulnerable to Blind SQL Injection (Time-based) via the CurrentFundraiser GET parameter.

ChurchCRM 5.5.0 /EventEditor.php is vulnerable to Blind SQL Injection (Time-based) via the EventCount POST parameter.

Netis WF2780 v2.1.40144 was discovered to contain a command injection vulnerability via the wps_ap_ssid5g parameter

In the module "Make an offer" (makeanoffer) <= 1.7.1 from PrestaToolKit for PrestaShop, a guest can perform SQL injection via MakeOffers::checkUserExistingOffer()` and `MakeOffers::addUserOffer()` .

SQL Injection vulnerability in MyPrestaModules "Product Catalog (CSV, Excel) Import" (simpleimportproduct) modules for PrestaShop versions 6.5.0 and before, allows attackers to escalate privileges and...

In the module "CD Custom Fields 4 Orders" (cdcustomfields4orders) <= 1.0.0 from Cleanpresta.com for PrestaShop, a guest can perform SQL injection in affected versions.

In the module "Import/Update Bulk Product from any Csv/Excel File Pro" (ba_importer) up to version 1.1.28 from Buy Addons for PrestaShop, a guest can perform SQL injection in affected versions.