|
981
|
8.8 |
HIGH
Network
|
-
|
-
|
The Backup Migration plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.6 via deserialization of untrusted input in the 'recursive_unserialize_replac…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-10932
|
2025-01-4 17:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
982
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Student Management System 1.0. It has been declared as critical. This vulnerability affects the function showSubject1 of the file /config/DbFunction.php. Th…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0203
|
2025-01-4 16:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
983
|
- |
|
-
|
-
|
A vulnerability was found in TCS BaNCS 10. It has been classified as problematic. This affects an unknown part of the file /REPORTS/REPORTS_SHOW_FILE.jsp. The manipulation of the argument FilePath le…
|
CWE-73
External Control of File Name or Path
|
CVE-2025-0202
|
2025-01-4 14:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
984
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user/update…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0201
|
2025-01-4 13:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
985
|
- |
|
-
|
-
|
A vulnerability has been found in code-projects Point of Sales and Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0200
|
2025-01-4 12:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
986
|
- |
|
-
|
-
|
An issue was discovered in Optimizely EPiServer.CMS.Core before 12.32.0. A medium-severity vulnerability exists in the CMS, where the application does not properly validate uploaded files. This allow…
|
-
|
CVE-2025-22389
|
2025-01-4 12:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
987
|
- |
|
-
|
-
|
A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewal…
|
-
|
CVE-2024-3393
|
2025-01-4 11:00 |
2024-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
988
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, was found in code-projects Point of Sales and Inventory Management System 1.0. Affected is an unknown function of the file /user/minus_cart.php. The…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0199
|
2025-01-4 08:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
989
|
4.3 |
MEDIUM
Network
|
-
|
-
|
IBM PowerHA SystemMirror for i 7.4 and 7.5
does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to …
|
-
|
CVE-2024-55897
|
2025-01-4 08:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
990
|
5.4 |
MEDIUM
Network
|
-
|
-
|
IBM PowerHA SystemMirror for i 7.4 and 7.5 contains improper restrictions when rendering content via iFrames. This vulnerability could allow an attacker to gain improper access and perform unauthori…
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2024-55896
|
2025-01-4 08:15 |
2025-01-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
