|
1801
|
8.8 |
HIGH
Network
|
-
|
-
|
An improper privilege management vulnerability in the web management interface of the Zyxel WBE530 firmware versions through 7.00(ACLE.3) and WBE660S firmware versions through 6.70(ACGG.2) could allo…
|
CWE-269
Improper Privilege Management
|
CVE-2024-12398
|
2025-01-14 11:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1802
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
|
-
|
CVE-2024-11637
|
2025-01-14 11:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1803
|
- |
|
-
|
-
|
SAP NetWeaver Application Server for ABAP and ABAP Platform allows an authenticated attacker to obtain illegitimate access to the system by exploiting improper authentication checks, resulting in pri…
|
CWE-287
Improper Authentication
|
CVE-2025-0070
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1804
|
- |
|
-
|
-
|
Due to DLL injection vulnerability in SAPSetup, an attacker with either local user privileges or with access to a compromised corporate user?s Windows account could gain higher privileges. With this,…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2025-0069
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1805
|
- |
|
-
|
-
|
An obsolete functionality in SAP NetWeaver Application Server ABAP did not perform necessary authorization checks. Because of this, an authenticated attacker could obtain information that would other…
|
CWE-862
Missing Authorization
|
CVE-2025-0068
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1806
|
- |
|
-
|
-
|
Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server Java, an attacker with standard user role can create JCo connection entries, which are used for remot…
|
CWE-862
Missing Authorization
|
CVE-2025-0067
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1807
|
- |
|
-
|
-
|
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `remuneracao.php` endp…
|
CWE-79
Cross-site Scripting
|
CVE-2025-23038
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1808
|
- |
|
-
|
-
|
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `control.php` endpoint…
|
CWE-79
Cross-site Scripting
|
CVE-2025-23037
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1809
|
- |
|
-
|
-
|
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `pre_cadastro_funci…
|
CWE-79
Cross-site Scripting
|
CVE-2025-23036
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1810
|
- |
|
-
|
-
|
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_tipo_quadro…
|
CWE-79
Cross-site Scripting
|
CVE-2025-23035
|
2025-01-14 10:15 |
2025-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
