Search
Search Results (3042 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-22219 | 1 Terminalfour | 2 Terminalfour, Xml Jdbc | 2024-08-19 | 6.3 Medium |
| XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which could lead to various actions such as accessing the underlying server, remote code execution (RCE), or performing Server-Side Request Forgery (SSRF) attacks. | ||||
| CVE-2024-7552 | 1 Datagear | 1 Datagear | 2024-08-07 | 6.3 Medium |
| A vulnerability was found in DataGear up to 5.0.0. It has been declared as critical. Affected by this vulnerability is the function evaluateVariableExpression of the file ConversionSqlParamValueMapper.java of the component Data Schema Page. The manipulation leads to improper neutralization of special elements used in an expression language statement. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-273697 was assigned to this vulnerability. | ||||