5.1
CVE-2024-13137 - wangl1989 mysiteforme SiteController RestResponse cross site scripting
A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting. It is possible to initiate the attaโฆ
5.3
CVE-2024-13136 - wangl1989 mysiteforme ShiroConfig.java rememberMeManager deserialization
A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The exโฆ
5.3
CVE-2024-13135 - Emlog Pro Subpage twitter.php cross site scripting
A vulnerability has been found in Emlog Pro 2.4.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/twitter.php of the component Subpage Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploโฆ
5.3
CVE-2024-13134 - ZeroWdd studentmanager TeacherController. java editTeacher unrestricted upload
A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller/TeacherController. java. The manipulation of the argument file leads to unrestricted upload. It is โฆ
5.1
CVE-2025-0219 - Trimble SPS851 Receiver Status Identity Tab cross site scripting
A vulnerability, which was classified as problematic, has been found in Trimble SPS851 488.01. Affected by this issue is some unknown functionality of the component Receiver Status Identity Tab. The manipulation of the argument System Name leads to cross site scripting. The attack may be launched rโฆ
5.3
CVE-2024-13133 - ZeroWdd studentmanager StudentController. java editStudent unrestricted upload
A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. This issue affects the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController. java. The manipulation of the argument file leads to unrestricted upโฆ
5.3
CVE-2024-13132 - Emlog Pro Subpage article.php cross site scripting
A vulnerability classified as problematic was found in Emlog Pro up to 2.4.3. This vulnerability affects unknown code of the file /admin/article.php of the component Subpage Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosedโฆ
0.0
CVE-2024-13131 -
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-9680. Reason: This candidate is a reservation duplicate of CVE-2019-9680. Notes: All CVE users should reference CVE-2019-9680 instead of this candidate. All references and descriptions in this candidate have been removed to preventโฆ
5.3
CVE-2024-13130 - Dahua IPC-HFW1200S Web Interface Sha1Account1 path traversal
A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to paโฆ
2.1
CVE-2025-0214 - TMD Custom Header Menu index.php sql injection
A vulnerability was found in TMD Custom Header Menu 4.0.0.1 on OpenCart. It has been rated as problematic. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument headermenu_id leads to sql injection. The attack may be initiated remotely. The compleโฆ