Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

Best Hackers:
{{ te.id }}. {{te.nameDis}}
CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}
Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-04-27
High
Positron Broadcast Signal Processor TRA7005 v1.20 Authentication Bypass
LiquidWorm
High
GitLens Git Local Configuration Execution
h00die
Med.
fvgfl - SQL Injection vulnerability
Mahdi Karimi
2024-04-25
Med.
FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution CVE-2023-48788
Spencer McIntyre
High
Relate Learning And Teaching system Version before 2024.1 SSTI(Markup Sandbox function) lead to RCE Multiple CVE
kai6u
High
Palo Alto PAN-OS Command Execution / Arbitrary File Creation CVE-2024-3400
Kr0ff
Med.
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution CVE-2024-3400
sfewer-r7
High
Hikvision Camera - Remote command execution
parsa rezaie khiabanloo
Med.
Apache Solr Backup/Restore API Remote Code Execution CVE-2023-50386
jheysel-r7
Low
Nginx 1.25.5 Host Header Validation
dhteam
2024-04-22
Med.
Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass
LiquidWorm
Med.
LRMS-PHP-by-oretnom23-v1.0 hat-trick
nu11secur1ty
2024-04-21
High
WBCE CMS Version 1.6.1 Remote Command Execution (Authenticated)
tmrswrr

The latest CVEs

2024-04-29
CVE-2024-1579
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Secomea GateManager (Webserver modules) allows Session Hijacking.This issue affects GateManager: before 11.2.624071020.
CVE-2024-1969
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Secomea GateManager (webserver modules) allows crash of GateManager.This issue affects GateManager: from 9.7 before 11.2.624095033.
CVE-2024-4304
A Cross-Site Scripting XSS vulnerability has been detected on GT3 Soluciones SWAL. This vulnerability consists in a reflected XSS in the Titular parameter inside Gestion 'Documental > Seguimiento de Expedientes > Alta de Expedientes'.
CVE-2024-4306
Critical unrestricted file upload vulnerability in HubBank affecting version 1.0.2. This vulnerability allows a registered user to upload malicious PHP files via upload document fields, resulting in webshell execution.
CVE-2024-27322
Deserialization of untrusted data can occur in the R statistical programming language, on any version starting at 1.4.0 up to and not including 4.4.0, enabling a maliciously crafted RDS (R Data Serialization) formatted file or R package to run arbitrary code on an end user??s system when interacted with.
CVE-2024-33585
Missing Authorization vulnerability in Tyche Softwares Payment Gateway Based Fees and Discounts for WooCommerce.This issue affects Payment Gateway Based Fees and Discounts for WooCommerce: from n/a through 2.12.1.
CVE-2024-33586
Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web.This issue affects Photo Gallery by 10Web: from n/a through 1.8.20.
CVE-2024-33587
Missing Authorization vulnerability in Copy Content Protection Team Secure Copy Content Protection and Content Locking.This issue affects Secure Copy Content Protection and Content Locking: from n/a through 3.9.0.
CVE-2024-33588
Missing Authorization vulnerability in codeSavory Knowledge Base documentation & wiki plugin ?? BasePress.This issue affects Knowledge Base documentation & wiki plugin ?? BasePress: from n/a through 2.16.1.
CVE-2024-4307
SQL injection vulnerability in HubBank affecting version 1.0.2. This vulnerability could allow an attacker to send a specially crafted SQL query to the database through different endpoints (/accounts/activities.php?id=1, /accounts/view-deposit.php?id=1, /accounts/view_cards. php?id=1, /accounts/wire-transfer.php?id=1 and /accounts/wiretransfer-pend...

Dorks

2024-04-27
Med.
fvgfl - SQL Injection vulnerability
"Web Design fvgfl"
 Mahdi Karimi
2024-04-25
High
Hikvision Camera - Remote command execution
In Shodan search engine, the filter is "Web Version="3.1.3.150324" http.favicon.hash:999357577"
 parsa rezaie khiabanloo
2024-04-21
Med.
North Wales - Sql Injection
"Web Design North Wales"
 behrouz mansoori
Med.
Solar-Log Base 2000- Broken Access Control
In Shodan search engine, the filter is ""Server: IPC@CHIP"" "http.favicon.hash:-1334408578 "655744600""
 parsa rezaie khiabanloo
2024-04-14
Med.
Bigem Teknoloji - Sql Injection
"Designed by Bigem Teknoloji"
 behrouz mansoori
Quick goto:

Bugtraq The latest CVEs Dorks
Search

Are you looking CVE for some product?

Top Vendors:

Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla
 
Full List of Vendors

Top Products:

Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx
 

Full List of Products

Top CWE:

CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)
 
Check CWE Dictionary

Donate:
is an open project developed and moderated fully by one independent person.
Help develop the project and make
Donations
Copyright 2024, cxsecurity.com

 

Back to Top