Unknown
CVSS: -
Yayın: 2025-01-02 10:15:07
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Carver Lab 10CentMail 10centmail-subscription-management-and-analytics allows Reflected XSS.This issue affects 10CentMail: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 10:15:07
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dreamwinner Easy Language Switcher easy-language-switcher allows Reflected XSS.This issue affects Easy Language Switcher: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 10:15:07
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lemonadestudio Lemonade Social Networks Autoposter Pinterest lemonade-sna-pinterest-edition allows Reflected XSS.This issue affects Lemonade Social…
Unknown
CVSS: -
Yayın: 2025-01-02 10:15:07
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bizswoop Leads CRM leads-crm allows Reflected XSS.This issue affects Leads CRM: from n/a through
Unknown
CVSS: -
Yayın: 2025-01-02 10:15:06
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gavinr Inline Footnotes inline-footnotes allows Stored XSS.This issue affects Inline Footnotes: from n/a through
Medium
CVSS: 6.9
Yayın: 2025-01-02 10:15:06
A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulatio…
Medium
CVSS: 6.9
Yayın: 2025-01-02 10:15:06
A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The atta…
High
CVSS: 7.2
Yayın: 2025-01-02 10:15:06
An unintended entry point vulnerability has been identified in certain router models, which may allow for arbitrary command execution.
Refer to the ' 01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more informa…
Medium
CVSS: 5.3
Yayın: 2025-01-02 09:15:18
A vulnerability, which was classified as critical, has been found in code-projects Job Recruitment 1.0. This issue affects some unknown processing of the file /_parse/_call_main_search_ajax.php of the component Seeker Profile Handler. The manipulatio…
Medium
CVSS: 5.3
Yayın: 2025-01-02 09:15:17
A vulnerability classified as critical was found in code-projects Job Recruitment 1.0. This vulnerability affects unknown code of the file /_parse/_call_job/search_ajax.php of the component Job Post Handler. The manipulation of the argument n leads t…
High
CVSS: 7.2
Yayın: 2025-01-02 09:15:17
An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution.
Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information.
Medium
CVSS: 4.7
Yayın: 2025-01-02 06:15:07
The AHAthat Plugin WordPress plugin through 1.6 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers
Medium
CVSS: 5.9
Yayın: 2025-01-02 06:15:07
The goodlayers-core WordPress plugin before 2.0.10 does not sanitise and escape some of its settings, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Medium
CVSS: 4.8
Yayın: 2025-01-02 06:15:06
The wp-enable-svg WordPress plugin through 0.7 does not sanitize SVG files when uploaded, allowing for authors and above to upload SVGs containing malicious scripts
Medium
CVSS: 5.4
Yayın: 2025-01-02 05:15:07
The Net::EasyTCP package 0.15 through 0.26 for Perl uses Perl's builtin rand() if no strong randomization module is present.
Medium
CVSS: 5.4
Yayın: 2025-01-02 05:15:06
The Net::EasyTCP package before 0.15 for Perl always uses Perl's builtin rand(), which is not a strong random number generator, for cryptographic keys.
Medium
CVSS: 4.3
Yayın: 2025-01-02 04:15:06
Landray EIS 2001 through 2006 allows Message/fi_message_receiver.aspx?replyid= SQL injection.
Critical
CVSS: 10.0
Yayın: 2025-01-02 04:15:05
Huang Yaoshi Pharmaceutical Management Software through 16.0 allows arbitrary file upload via a .asp filename in the fileName element of the UploadFile element in a SOAP request to /XSDService.asmx.
Medium
CVSS: 5.3
Yayın: 2025-01-01 14:15:23
A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument person leads to sql injection. It is possible to initi…
Medium
CVSS: 6.1
Yayın: 2025-01-01 06:15:23
The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin