5.3
CVE-2024-10071 - ESAFENET CDG EncryptPolicyService.java actionUpdateEncryptPolicyEdit sql injection
A vulnerability classified as critical was found in ESAFENET CDG 5. This vulnerability affects the function actionUpdateEncryptPolicyEdit of the file /com/esafenet/servlet/policy/EncryptPolicyService.java. The manipulation of the argument encryptPolicyId leads to sql injection. The attack can be inβ¦
7
CVE-2024-9414 - Cross-site Scripting vulnerability in LCDS LAquis SCADA
In LAquis SCADA version 4.7.1.511, a cross-site scripting vulnerability could allow an attacker to inject arbitrary code into a web page. This could allow an attacker to steal cookies, redirect users, or perform unauthorized actions.
5.3
CVE-2018-25104 - CoinGate Plugin Payment callback.php postProcess logic error
A vulnerability was found in CoinGate Plugin up to 1.2.7 on PrestaShop. It has been rated as problematic. Affected by this issue is the function postProcess of the file modules/coingate/controllers/front/callback.php of the component Payment Handler. The manipulation leads to business logic errors.β¦
5.3
CVE-2024-10070 - ESAFENET CDG PolicyPushControlAction.java actionPolicyPush sql injection
A vulnerability classified as critical has been found in ESAFENET CDG 5. This affects the function actionPolicyPush of the file /com/esafenet/policy/action/PolicyPushControlAction.java. The manipulation of the argument policyId leads to sql injection. It is possible to initiate the attack remotely.β¦
5.3
CVE-2024-10069 - ESAFENET CDG MailDecryptApplicationService.java actionPassMainApplication sql injection
A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function actionPassMainApplication of the file /com/esafenet/servlet/client/MailDecryptApplicationService.java. The manipulation of the argument id leads to sql injection. The attack may be lauβ¦
5.5
CVE-2024-47459 - Substance3D - Sampler | NULL Pointer Dereference (CWE-476)
Substance3D - Sampler versions 4.5 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to an application denial-of-service (DoS) condition. An attacker could exploit this vulnerability to crash the application, resulting in a DoS. Exploitation of this issue requiresβ¦
9.1
CVE-2024-48920 - PutongOJ: unprivileged users can escalate privileges by constructing requests
PutongOJ is online judging software. Prior to version 2.1.0-beta.1, unprivileged users can escalate privileges by constructing requests. This can lead to unauthorized access, enabling users to perform admin-level operations, potentially compromising sensitive data and system integrity. This problemβ¦
6.3
CVE-2005-10003 - mikexstudios Xcomic os command injection
A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. This affects an unknown part. The manipulation of the argument cmd leads to os command injection. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability β¦
7.2
CVE-2024-6333 - Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products
Authenticated Remote Code Execution in Altalink, Versalink & WorkCentre Products.
0.0
CVE-2024-49315 - WordPress FREE DOWNLOAD MANAGER plugin <= 1.0.0 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CodeFlock FREE DOWNLOAD MANAGER free-download-manager allows Path Traversal.This issue affects FREE DOWNLOAD MANAGER: from n/a through <= 1.0.0.