631
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Rules" feature allows authenticated users to inject arbitra…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47525
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
632
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can create a Device Groups, the application did not properly sanitize the user input in the Device Gro…
|
-
|
CVE-2024-47524
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
633
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Alert Transports" feature allows authenticated users to inject ar…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47523
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
634
|
- |
|
-
|
-
|
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_unzip function.
|
-
|
CVE-2024-46084
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
635
|
- |
|
-
|
-
|
Scriptcase v.9.10.023 and before is vulnerable to Cross Site Scripting (XSS) in nm_cor.php via the form and field parameters.
|
-
|
CVE-2024-46082
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
636
|
9.8 |
CRITICAL
Network
oracle
|
weblogic_server
|
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-2628
|
2024-10-4 22:35 |
2018-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
637
|
4.8 |
MEDIUM
Network
|
funnyzpc
|
mee-admin
|
A vulnerability, which was classified as problematic, was found in funnyzpc Mee-Admin up to 1.6. This affects an unknown part of the file /mee/index of the component User Center. The manipulation of …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9279
|
2024-10-4 22:31 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
638
|
4.8 |
MEDIUM
Network
|
mage-people
|
ecab_taxi_booking_manager
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagePeople Team Taxi Booking Manager for WooCommerce allows Stored XSS.This issue affects …
|
CWE-79
Cross-site Scripting
|
CVE-2024-43986
|
2024-10-4 22:22 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
639
|
8.0 |
HIGH
Adjacent
|
apache
|
lucene
|
Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator.
This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0.
The deprecated org.apache.lucene.replicat…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-45772
|
2024-10-4 22:20 |
2024-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
640
|
4.8 |
MEDIUM
Network
|
delower
|
wp_to_do
|
The WP To Do plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Comment in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping. This…
|
CWE-79
Cross-site Scripting
|
CVE-2024-3944
|
2024-10-4 22:19 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|