Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

Best Hackers:
{{ te.id }}. {{te.nameDis}}
CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}
Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-06-09
High
changedetection 0.45.20 Remote Code Execution CVE-2024-32651
Zach Crosman
2024-06-08
Med.
Neetai Tech - Blind Sql Injection
behrouz mansoori
2024-06-07
Med.
Aquatronica Control System 5.1.6 Password Disclosure
LiquidWorm
Med.
Check Point Security Gateway Information Disclosure CVE-2024-24919
Yesith Alvarez
Med.
Online Fire Reporting System OFRS SQL Injection Authentication Bypass
Diyar Saadi
High
CMSimple 5.15 Remote Shell Upload
Ahmet Umit Bayram
High
appRain CMF 4.0.5 Shell Upload
Ahmet Umit Bayram
Med.
Boelter Blue System Management 1.3 SQL Injection CVE-2024-36840
CBKB
Med.
Trojan.Win32.DarkGateLoader (multi variants) / Arbitrary Code Execution
malvuln
Med.
opos-1.0 Multiple SQLi
nu11secur1ty
Med.
Online Pizza Ordering System 1.0 SQL Injection
nu11secur1ty
2024-06-04
Low
Sitefinity 15.0 Cross Site Scripting CVE-2023-27636
Aldi Saputra Wahyudi
High
FreePBX 16 Remote Code Execution
Cold z3ro

The latest CVEs

Dorks

2024-06-10
CVE-2024-26507
An issue in FinalWire AIRDA Extreme, AIDA64 Engineer, AIDA64 Business, AIDA64 Network Audit v.7.00.6700 and before allows a local attacker to escalate privileges via the DeviceIoControl call associated with MmMapIoSpace, IoAllocateMdl, MmBuildMdlForNonPagedPool, or MmMapLockedPages components.
CVE-2024-31613
BOSSCMS v3.10 is vulnerable to Cross Site Request Forgery (CSRF) in name="head_code" or name="foot_code."
CVE-2024-34332
An issue in SiSoftware SANDRA v31.66 (SANDRA.sys 15.18.1.1) and before allows an attacker to escalate privileges via a crafted buffer sent to the Kernel Driver using the DeviceIoControl Windows API.
CVE-2024-34761
Vulnerability discovered by executing a planned security audit. Improper Control of Generation of Code ('Code Injection') vulnerability in WPENGINE INC Advanced Custom Fields PRO allows Code Injection.This issue affects Advanced Custom Fields PRO: from n/a before 6.2.10.
CVE-2024-34762
Vulnerability discovered by executing a planned security audit. Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WPENGINE INC Advanced Custom Fields PRO allows PHP Local File Inclusion.This issue affects Advanced Custom Fields PRO: from n/a before 6.2.10.
CVE-2024-34800
Missing Authentication for Critical Function vulnerability in Aruphash Crafthemes Demo Import allows Functionality Misuse.This issue affects Crafthemes Demo Import: from n/a through 3.3.
CVE-2024-35474
A Directory Traversal vulnerability in iceice666 ResourcePack Server before v1.0.8 allows a remote attacker to disclose files on the server, via setPath in ResourcePackFileServer.kt.
CVE-2024-35650
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Melapress MelaPress Login Security allows PHP Remote File Inclusion.This issue affects MelaPress Login Security: from n/a through 1.3.0.
CVE-2024-35658
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ThemeHigh Checkout Field Editor for WooCommerce (Pro) allows Functionality Misuse, File Manipulation.This issue affects Checkout Field Editor for WooCommerce (Pro): from n/a through 3.6.2.
CVE-2024-35677
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes MegaMenu allows PHP Local File Inclusion.This issue affects MegaMenu: from n/a through 2.3.12.
2024-06-08
Med.
Neetai Tech - Blind Sql Injection
"Reserved By Neetai Tech"
 behrouz mansoori
2024-06-07
Med.
Boelter Blue System Management 1.3 SQL Injection( CVE-2024-36840 )
inurl:"Powered by Boelter Blue"
 CBKB
2024-05-28
Med.
VSP Softtech - Sql Injection
"Developed By VSP Softtech"
 behrouz mansoori
Med.
Designed By San Software - Sql Injection
"Designed By San Software"
 behrouz mansoori
Med.
Designed By San Software - Blind Sql Injection
"Designed By San Software"
 behrouz mansoori
Quick goto:

Bugtraq The latest CVEs Dorks
Search

Are you looking CVE for some product?

Top Vendors:

Apple Microsoft Google Oracle Apache IBM Red Hat HP Adobe Mozilla
 
Full List of Vendors

Top Products:

Linux Kernel Mac OS X Windows XP Windows 10 Flash Player Adobe Reader PHP JRE JDK
Wordpress Joomla Chrome IE Firefox Safari HTTPD Tomcat Nginx
 

Full List of Products

Top CWE:

CWE-89 (SQL Injection) CWE-79 (XSS) CWE-119 (Buffer Overflow) CWE-22 (Path Traversal)
 
Check CWE Dictionary

Donate:
is an open project developed and moderated fully by one independent person.
Help develop the project and make
Donations
Copyright 2024, cxsecurity.com

 

Back to Top