Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Averta Master Slider allows DOM-Based XSS. This issue affects Master Slider: from n/a through 3.10.8. More information : https://patchstack.com/database/wordpress/plugin/master-slider/vulnerability/wordpress-master-slider-plugin-3-10-8-cross-site-scripting-xss-vulnerability?_s_id=cve
Insertion of Sensitive Information Into Sent Data vulnerability in Tom GenerateBlocks allows Retrieve Embedded Sensitive Data. This issue affects GenerateBlocks: from n/a through 2.1.0. More information : https://patchstack.com/database/wordpress/plugin/generateblocks/vulnerability/wordpress-generateblocks-plugin-2-1-0-sensitive-data-exposure-vulnerability?_s_id=cve
A highly authenticated attacker can alter the config generator injecting a payload into future created configurations. The device is not correctly checking this configuration value before passing it to an system execute leading to...
A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity...
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss...
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the user_alarmprofile view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total...
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total...
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system_tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total...
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total...
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the devices_configuration view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total...
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashboard view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total...
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the alarming view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total...
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getWidgetTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total...
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total...