1861
|
7.5 |
HIGH
Network
updateproducts_project simpleimportproduct_project
|
updateproducts simpleimportproduct
|
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php.
|
NVD-CWE-noinfo
|
CVE-2023-39677
|
2024-09-26 00:35 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1862
|
6.5 |
MEDIUM
Network
kokoroe_members_card_project
|
kokoroe_members_card
|
An information leak in kokoroe_members card Line 13.6.1 allows attackers to obtain the channel access token and send crafted messages.
|
NVD-CWE-noinfo
|
CVE-2023-39045
|
2024-09-26 00:35 |
2023-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1863
|
7.2 |
HIGH
Network
|
dolibarr
|
dolibarr_erp\/crm
|
An issue in Dolibarr ERP CRM v.17.0.1 and before allows a remote privileged attacker to execute arbitrary code via a crafted command/script.
|
NVD-CWE-noinfo
|
CVE-2023-38886
|
2024-09-26 00:35 |
2023-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1864
|
5.5 |
MEDIUM
Local
|
iobit
|
malware_fighter
|
An issue was discovered in ImfHpRegFilter.sys in IOBit Malware Fighter version 8.0.2, allows local attackers to cause a denial of service (DoS).
|
NVD-CWE-noinfo
|
CVE-2020-24089
|
2024-09-26 00:35 |
2023-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1865
|
2.7 |
LOW
Network
|
strapi
|
strapi
|
Strapi is the an open-source headless content management system. Prior to version 4.12.1, field level permissions are not respected in the relationship title. If an actor has relationship title and t…
|
NVD-CWE-noinfo
|
CVE-2023-37263
|
2024-09-26 00:35 |
2023-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1866
|
7.8 |
HIGH
Local
|
hp
|
poly_plantronics_hub
|
Poly Plantronics Hub Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Poly Plantronics Hub. An at…
|
CWE-59
Link Following
|
CVE-2024-6147
|
2024-09-26 00:29 |
2024-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1867
|
5.4 |
MEDIUM
Network
|
greenshiftwp
|
greenshift_-_animation_and_page_builder_blocks
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wpsoul Greenshift – animation and page builder blocks allows Stored XSS.This issue affects…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44005
|
2024-09-26 00:25 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1868
|
7.8 |
HIGH
Local
|
tungstenautomation
|
kofax_power_pdf
|
Kofax Power PDF PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-5303
|
2024-09-26 00:24 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1869
|
7.8 |
HIGH
Local
|
tungstenautomation
|
kofax_power_pdf
|
Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-5302
|
2024-09-26 00:22 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1870
|
7.8 |
HIGH
Local
|
tungstenautomation
|
kofax_power_pdf
|
Kofax Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofa…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-5301
|
2024-09-26 00:18 |
2024-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|