CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
9 months ago Tenable.com
CVE-2023-4524 - ** REJECT ** CVE reject in favor of CVE-2023-40547 ...
1 year ago
CVE-2010-1677 - MHonArc 2.6.16 allows remote attackers to cause a denial of service (CPU consumption) via start tags that are placed within other start tags, as demonstrated by a <bo<bo<bo<bo<body>dy>dy>dy>dy> sequence, a different ...
7 years ago
CVE-2014-4524 - Cross-site scripting (XSS) vulnerability in classes/custom-image/media.php in the WP Easy Post Types plugin before 1.4.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ref parameter. ...
10 years ago
CVE-2016-4524 - ABB PCM600 before 2.7 improperly stores OPC Server IEC61850 passwords in unspecified temporary circumstances, which allows local users to obtain sensitive information via unknown vectors. ...
8 years ago
CVE-2015-4524 - Unrestricted file upload vulnerability in EMC Documentum WebTop 6.7SP1 before P31, 6.7SP2 before P23, and 6.8 before P01; Documentum Administrator 6.7SP1 before P31, 6.7SP2 before P23, 7.0 before P18, 7.1 before P15, and 7.2 before P01; Documentum ...
8 years ago
CVE-2009-4524 - Cross-site scripting (XSS) vulnerability in the RealName module 6.x-1.x before 6.x-1.3 for Drupal allows remote attackers to inject arbitrary web script or HTML via a realname (aka real name) element. ...
7 years ago
CVE-2008-4524 - SQL injection vulnerability in the "Check User" feature (includes/check_user.php) in AdaptCMS Lite and AdaptCMS Pro 1.3 allows remote attackers to execute arbitrary SQL commands via the user_name parameter. ...
7 years ago
CVE-2011-4524 - Buffer overflow in Advantech/BroadWin WebAccess before 7.0 allows remote attackers to execute arbitrary code via a long string value in unspecified parameters. ...
1 year ago
CVE-2007-4524 - PHP remote file inclusion vulnerability in adisplay.php in PhPress 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter. ...
6 years ago
CVE-2006-4524 - Multiple SQL injection vulnerabilities in login_verif.asp in Digiappz Freekot 1.01 allow remote attackers to execute arbitrary SQL commands via the (1) login or (2) password parameters. NOTE: some of these details are obtained from third party ...
6 years ago
CVE-2012-4524 - xlockmore before 5.43 'dclock' security bypass vulnerability ...
5 years ago
CVE-2013-4524 - Directory traversal vulnerability in repository/filesystem/lib.php in Moodle through 2.2.11, 2.3.x before 2.3.10, 2.4.x before 2.4.7, and 2.5.x before 2.5.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a path. ...
4 years ago
CVE-2020-4524 - IBM Jazz Foundation products is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a ...
4 years ago
CVE-2010-4524 - Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in MHonArc 2.6.16 allows remote attackers to inject arbitrary web script or HTML via a malformed start tag and end tag for a SCRIPT element, as demonstrated by <scr<body>ipt> ...
2 years ago
CVE-2022-4524 - A vulnerability, which was classified as problematic, was found in Roots soil Plugin up to 4.0.x. Affected is the function language_attributes of the file src/Modules/CleanUpModule.php. The manipulation of the argument language leads to cross site ...
2 years ago
CVE-2018-4524 - ** REJECT ** This candidate is unused by its CNA. ...
1 year ago
CVE-2005-4524 - Mantis 1.0.0rc3 does not properly handle "Make note private" when a bug is being resolved, which has unknown impact and attack vectors, probably related to an information leak. ...
14 years ago
CVE-2017-4524 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none ...
55 years ago Tenable.com
CVE-2024-4524 - A vulnerability, which was classified as problematic, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/student_payment_invoice.php. The manipulation of the argument desc leads to ...
10 months ago
Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
1 year ago Securelist.com