| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/contact/list. |
| JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/comment/list. |
| JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list_approve. |
| JFinal CMS 5.1.0 is vulnerable to SQL Injection via /admin/article/list. |
| School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/modstudent/index.php?view=edit&id=. |
| School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/autonumber/index.php?view=edit&id=. |
| School Activity Updates with SMS Notification v1.0 was discovered to contain a SQL injection vulnerability via the component /modules/user/index.php?view=edit&id=. |
| An issue in the Leptonica linked library (v1.79.0) allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file. |
| Apartment Visitor Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /avms/edit-apartment.php. |
| A local file inclusion (LFI) vulnerability in D-Link DIR 819 v1.06 allows attackers to cause a Denial of Service (DoS) or access sensitive server information via manipulation of the getpage parameter in a crafted web request. |
| TastyIgniter v3.5.0 was discovered to contain a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload. |
| Nagios XI before v5.8.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the ajax.php script in CCM 3.1.5. |
| Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel. |
| Nagios XI v5.8.6 was discovered to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page. |
| Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4. |
| Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at auditlog.php. |
| Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel. |
| XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc. |
| XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc. |
| XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc. |
