261
|
6.1 |
MEDIUM
Network
|
alist_project
|
alist
|
AList is a file list program that supports multiple storages. AList contains a reflected cross-site scripting vulnerability in helper.go. The endpoint /i/:link_name takes in a user-provided value and…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-47067
|
2024-11-16 01:28 |
2024-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
262
|
5.4 |
MEDIUM
Network
|
mirceatm
|
nmr_strava_activities
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mircea N. NMR Strava activities allows DOM-Based XSS.This issue affects NMR Strava activit…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51603
|
2024-11-16 01:24 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
263
|
5.4 |
MEDIUM
Network
|
jumpstartcreatives
|
media_modal
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Carlo Andro Mabugay Media Modal allows DOM-Based XSS.This issue affects Media Modal: from …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-51604
|
2024-11-16 01:19 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
264
|
5.4 |
MEDIUM
Network
|
cyberchimps
|
responsive_addons_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cyberchimps Responsive Addons for Elementor allows DOM-Based XSS.This issue affects Respon…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-52358
|
2024-11-16 01:17 |
2024-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
265
|
8.8 |
HIGH
Network
|
microsoft
|
sql_server_2016 sql_server_2017 sql_server_2019
|
SQL Server Native Client Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-49012
|
2024-11-16 01:16 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
266
|
8.8 |
HIGH
Network
|
microsoft
|
sql_server_2016 sql_server_2017 sql_server_2019
|
SQL Server Native Client Remote Code Execution Vulnerability
Update
|
NVD-CWE-noinfo
|
CVE-2024-49011
|
2024-11-16 01:16 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
267
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-2414. Reason: This candidate is a reservation duplicate of CVE-2023-2414. Notes: All CVE users should reference CV…
New
|
-
|
CVE-2024-7865
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
268
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-2414. Reason: This candidate is a reservation duplicate of CVE-2023-2414. Notes: All CVE users should reference C…
New
|
-
|
CVE-2024-6413
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
269
|
- |
|
-
|
-
|
In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script
New
|
CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
|
CVE-2024-52555
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
270
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Services" tab of the Device page allows authenticated users to in…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-52526
|
2024-11-16 01:15 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|