CXSECURITY.COM Free Security List

Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected

{{te.id}}. {{te.nameDis}} ({{te.count}})

Random comment

{{ x.title }}
{{ x.auth }}

Voted

{{ x.nameSh }} +{{x.pos}} {{x.neg}}

Check the Bugtraq

2024-05-22
Med.	WordPress XStore Theme 9.3.8 SQL Injection CVE-2024-33559 Abdualhadi Khalifa
High	CHAOS 5.0.8 Cross Site Scripting / Remote Command Execution CVE-2024-30850 h00die
Med.	Webmirchi - Sql Injection behrouz mansoori
Low	Rocket LMS 1.9 Cross Site Scripting CVE-2024-34241 Sergio Medeiros
Med.	Axiomatic - Blind Sql Injection behrouz mansoori
Med.	TENANT-LIMITED-1.0 SQLi nu11secur1ty
Med.	MVOGMS-by-oretnom23-v1.0 Multiple SQLi nu11secur1ty
Low	Nethserver 7 / 8 Cross Site Scripting CVE-2024-34058 Andrea Intilangelo
High	AVideo WWBNIndex Plugin Unauthenticated Remote Code Execution Valentin Lobstein
Med.	Chat Bot 1.0 SQL Injection nu11secur1ty
2024-05-20
Med.	Apache OFBiz 18.12.12 Directory Traversal Abdualhadi Khalifa
Med.	Tenant Limited 1.0 SQL Injection nu11secur1ty
Med.	Oracuz - Sql Injection behrouz mansoori

Dorks

2024-05-23
CVE-2024-31843	An issue was discovered in Italtel Embrace 1.6.4. The Web application does not properly check the parameters sent as input before they are processed on the server side. This allows authenticated users to execute commands on the Operating System.
CVE-2024-35079	An arbitrary file upload vulnerability in the uploadAudio method of inxedu v2024.4 allows attackers to execute arbitrary code via uploading a crafted .jsp file.
CVE-2024-35080	An arbitrary file upload vulnerability in the gok4 method of inxedu v2024.4 allows attackers to execute arbitrary code via uploading a crafted .jsp file.
CVE-2024-35375	There is an arbitrary file upload vulnerability on the media add .php page in the backend of the website in version 5.7.114 of DedeCMS
CVE-2024-35570	An arbitrary file upload vulnerability in the component \controller\ImageUploadController.class of inxedu v2.0.6 allows attackers to execute arbitrary code via uploading a crafted jsp file.
CVE-2024-2301	Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting (XSS) attack via the web management interface of the device.
CVE-2024-34927	A SQL injection vulnerability in /model/update_classroom.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the name parameter.
CVE-2024-34928	A SQL injection vulnerability in /model/update_subject_routing.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the grade parameter.
CVE-2024-34929	A SQL injection vulnerability in /view/find_friends.php in Campcodes Complete Web-Based School Management System 1.0 allows an attacker to execute arbitrary SQL commands via the my_index parameter.
CVE-2024-34930	A SQL injection vulnerability in /model/all_events1.php in Campcodes Complete Web-Based School Management System 1.0 allows attacker to execute arbitrary SQL commands via the month parameter.

2024-05-22
Med.	Webmirchi - Sql Injection "Powered by Webmirchi"	behrouz mansoori
Med.	Axiomatic - Blind Sql Injection "Design by Axiomatic.it"	behrouz mansoori
2024-05-20
Med.	Oracuz - Sql Injection "Design by Oracuz"	behrouz mansoori
Med.	82webmaster - Sql Injection "Design & Developed By: 82webmaster"	behrouz mansoori
Med.	VSP Softtech - Sql Injection "Developed By VSP Softtech"	behrouz mansoori

Quick goto:

Bugtraq The latest CVEs Dorks
Search

Bugtraq

CVEMAP

By Author

CVE Id

CWE Id

By vendors

By products

Are you looking CVE for some product?

Top Vendors:
Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla

Full List of Vendors

Top Products:
Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx

Full List of Products

Top CWE:
CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)

Check CWE Dictionary

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and make
Donations

Bugtraq Stats

CVE database

Affected

Random comment

Voted

2024-05-22

Med.

High

Med.

Low

Med.

Med.

Med.

Low

High

Med.

2024-05-20

Med.

Med.

Med.

The latest CVEs

2024-05-23

Dorks

2024-05-22

Med.

Med.

2024-05-20

Med.

Med.

Med.

Quick goto:

Are you looking CVE for some product?

Top Vendors:

Top Products:

Top CWE:

Donate:

is an open project developed and moderated fully by one independent person.

Help develop the project and makeDonations

Help develop the project and make
Donations