A vulnerability was found in ABB System 800xA 5.1.x/6.0.3.x/6.1.1.x/6.2.x and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to unprotected storage of credentials.
This vulnerability is handled as CVE-2024-10334. An attack has to be approached locally. There is no exploit available.
A vulnerability has been found in code-projects Real Estate Property Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /_parse/load_user-profile.php. The manipulation of the argument userhash leads to sql injection.
This vulnerability is known as CVE-2025-1197. The attack can be launched remotely. Furthermore, there is an exploit available.
A vulnerability, which was classified as problematic, was found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /search.php. The manipulation of the argument PropertyName leads to cross site scripting.
This vulnerability is traded as CVE-2025-1196. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
Other parameters might be affected as well.
A vulnerability, which was classified as problematic, has been found in code-projects Real Estate Property Management System 1.0. This issue affects some unknown processing of the file /Admin/EditCategory. The manipulation of the argument CategoryId leads to cross site scripting.
The identification of this vulnerability is CVE-2025-1195. The attack may be initiated remotely. Furthermore, there is an exploit available.
A vulnerability classified as problematic has been found in Devolutions Remote Desktop Manager up to 2024.3.19 on Windows. This affects an unknown part. The manipulation leads to improper certificate validation.
This vulnerability is uniquely identified as CVE-2025-1193. It is possible to initiate the attack remotely. There is no exploit available.
A vulnerability was found in KUNBUS Revolution Pi 2022-07-28-revpi-buster. It has been rated as critical. Affected by this issue is some unknown functionality of the file /pictory/php/getFileList.php. The manipulation of the argument dir leads to path traversal.
This vulnerability is handled as CVE-2024-8685. The attack may be launched remotely. There is no exploit available.
A vulnerability was found in KUNBUS Revolution Pi 2022-07-28-revpi-buster. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file php/dal.php. The manipulation of the argument arrSaveConfig leads to os command injection.
This vulnerability is known as CVE-2024-8684. The attack can be launched remotely. There is no exploit available.
Attackers are smuggling payment card-skimming malicious code into checkout pages on Magento-based e-commerce sites by abusing the Google Tag Manager ad tool.
Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites.
Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and advertising purposes, contains an obfuscated backdoor capable of providing attackers with persistent
A vulnerability classified as problematic has been found in Gestpay for WooCommerce Plugin up to 20221130 on WordPress. This affects the function ajax_delete_card. The manipulation leads to cross-site request forgery.
This vulnerability is uniquely identified as CVE-2024-0432. It is possible to initiate the attack remotely. There is no exploit available.
A vulnerability classified as problematic was found in Gestpay for WooCommerce Plugin up to 20221130 on WordPress. This vulnerability affects the function ajax_unset_default_card. The manipulation leads to cross-site request forgery.
This vulnerability was named CVE-2024-0433. The attack can be initiated remotely. There is no exploit available.