Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-07-17
Med.
Low
High
Med.
2024-07-16
Med.
Low
2024-07-15
Med.
2024-07-12
Med.
2024-07-11
Low
High
Med.
Med.
2024-07-10
Low

The latest CVEs

Dorks

2024-07-18
CVE-2023-43971
Cross Site Scripting vulnerability in ACG-faka v1.1.7 allows a remote attacker to execute arbitrary code via the encode parameter in Index.php.
CVE-2024-40492
Cross Site Scripting vulnerability in Heartbeat Chat v.15.2.1 allows a remote attacker to execute arbitrary code via the setname function.
2024-07-17
CVE-2024-29885
silverstripe/reports is an API for creating backend reports in the Silverstripe Framework. In affected versions reports can be accessed by their direct URL by any user who has access to view the reports admin section, even if the `canView()` method for that report returns `false`. This issue has been addressed in version 5.2.3. All users are advise...
CVE-2024-32981
Silverstripe framework is the PHP framework forming the base for the Silverstripe CMS. In affected versions a bad actor with access to edit content in the CMS could add send a specifically crafted encoded payload to the server, which could be used to inject a JavaScript payload on the front end of the site. The payload would be sanitised on the cli...
CVE-2024-39124
In Roundup before 2.4.0, classhelpers (_generic.help.html) allow XSS.
CVE-2024-39125
Roundup before 2.4.0 allows XSS via a SCRIPT element in an HTTP Referer header.
CVE-2024-39126
Roundup before 2.4.0 allows XSS via JavaScript in PDF, XML, and SVG documents.
CVE-2024-40119
Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross-Site Request Forgery (CSRF) vulnerability in the password change function, which allows remote attackers to change the admin password without the user's consent, leading to a potential account takeover.
CVE-2024-40402
A SQL injection vulnerability was found in 'ajax.php' of Sourcecodester Simple Library Management System 1.0. This vulnerability stems from insufficient user input validation of the 'username' parameter, allowing attackers to inject malicious SQL queries.
CVE-2023-42010
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.2 could disclose sensitive information in the HTTP response using man in the middle techniques. IBM X-Force ID: 265507.
2024-07-15
Med.
lajeh - SQL Injection vulnerability
"Powered by lajeh"
Mahdi Karimi
2024-07-12
Med.
lajeh - SQL Injection vulnerability
"Powered by lajeh"
Mahdi Karimi
2024-07-09
Med.
Bluesoft Infotech - Blind Sql Injection Vulnerability
"Designed by Bluesoft Infotech"
behrouz mansoori
Med.
Neetai Tech - Sql Injection
"Reserved By Neetai Tech"
behrouz mansoori
Med.
Cinema Booking System - Multiple Vulnerabilities
intitle:Cinema Booking System
bRpsd

Copyright 2024, cxsecurity.com

 

Back to Top