Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-05-07
High
High
2024-05-06
Med.
Med.
High
High
2024-05-05
High
Med.
Med.
2024-05-04
Med.
Med.
High
Med.

The latest CVEs

Dorks

2024-05-07
CVE-2024-33139
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the findpage function.
CVE-2024-33144
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the findApplyedTasksPage function in BpmTaskMapper.xml.
CVE-2024-33146
J2EEFAST v2.7.0 was discovered to contain a SQL injection vulnerability via the sql_filter parameter in the export function.
CVE-2024-33748
Cross-site scripting (XSS) vulnerability in the search function in MvnRepository MS Basic 2.1.18.3 and earlier.
CVE-2024-33856
An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of usernames by observing the response time at the Forgot Password endpoint.
CVE-2024-33857
An issue was discovered in Logpoint before 7.4.0. Due to a lack of input validation on URLs in threat intelligence, an attacker with low-level access to the system can trigger Server Side Request Forgery.
CVE-2024-33858
An issue was discovered in Logpoint before 7.4.0. A path injection vulnerability is seen while adding a CSV enrichment source. The source_name parameter could be changed to an absolute path; this will write the CSV file to that path inside the /tmp directory.
CVE-2024-34341
Trix is a rich text editor. The Trix editor, versions prior to 2.1.1, is vulnerable to arbitrary code execution when copying and pasting content from the web or other documents with markup into the editor. The vulnerability stems from improper sanitization of pasted content, allowing an attacker to embed malicious scripts which are executed within ...
CVE-2024-4596
A vulnerability was found in Kimai up to 2.15.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Session Handler. The manipulation of the argument PHPSESSIONID leads to information disclosure. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is know...
CVE-2022-37249
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
2024-05-06
Med.
Kobiz Design - Sql Injection
"Desing by Kobiz Design Co"
behrouz mansoori
2024-05-05
Med.
Oracuz - Blind Sql Injection
"Design by Oracuz"
behrouz mansoori
Med.
Kobiz Design - Blind Sql Injection
"Desing by Kobiz Design Co"
behrouz mansoori
2024-05-04
Med.
Sandhya Branding Agency - Blind Sql Injection
"Powered by : Sandhya Branding Agency"
behrouz mansoori
Med.
Webenlive - Sql Injection
"Design: Webenlive"
behrouz mansoori

Copyright 2024, cxsecurity.com

 

Back to Top