Poster - CVE CyberSecurity Database News (Page 754)

May 23, 2024 SQL Java

CVE-2024-35090 - Exploiting SQL Injection in J2EEFAST v2.7.’s SysUreportFileMapper.xml

In June 2024, a dangerous SQL injection vulnerability, now designated CVE-2024-35090, was disclosed in J2EEFAST v2.7.. This issue affects the findPage function defined in

May 23, 2024 XSS WordPress Exploit mdempfle advanced iframe

CVE-2024-4365 - How a WordPress Plugin Opened Doors with a Stored XSS Vulnerability

The Advanced iFrame plugin is a popular tool for WordPress sites. It lets site owners embed content from other pages in an easy, customizable iFrame.

May 23, 2024

CVE-2024-5143 - SMTP Credential Exposure by Redirecting Outbound Emails on Network Devices

--- Introduction In early 2024, a new vulnerability was identified affecting network devices that support email notifications (such as printers, scanners, and routers). CVE-2024-5143 describes

May 23, 2024 SQL PHP

CVE-2024-34935 - SQL Injection in Campcodes Complete Web-Based School Management System 1. – Full Exploit Breakdown

A recent vulnerability has been identified in the Campcodes Complete Web-Based School Management System 1. that could allow an attacker to take full control of

May 23, 2024 SQL Java

CVE-2024-35086 - Critical SQL Injection in J2EEFAST v2.7. via BpmTaskFromMapper.xml `findPage` Function

A critical SQL Injection vulnerability has been discovered in J2EEFAST version 2.7., tracked as CVE-2024-35086. The issue exists in the findPage function of BpmTaskFromMapper.