731
|
8.8 |
HIGH
Network
|
tosei-corporation
|
online_store_management_system
|
A vulnerability was found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04. It has been rated as critical. Affected by this issue is some unknown functionality of the file /cgi-bin/…
|
CWE-77
Command Injection
|
CVE-2024-7896
|
2024-09-27 10:16 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
732
|
7.2 |
HIGH
Network
|
benjaminrojas
|
wp_editor
|
The WP Editor plugin for WordPress is vulnerable to deserialization of untrusted input via the 'current_theme_root' parameter in versions up to, and including 1.2.9. This makes it possible for authen…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2022-2446
|
2024-09-27 10:09 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
733
|
5.4 |
MEDIUM
Network
|
arnoldgoodway
|
neighborly
|
The Neighborly theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Button shortcode in all versions up to, and including, 1.4 due to insufficie…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5869
|
2024-09-27 10:06 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
734
|
5.4 |
MEDIUM
Network
|
samiahmedsiddiqui
|
custom_permalinks
|
The Custom Permalinks plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.6.0 due to insufficient input sanitization and output escaping on tag names…
|
CWE-79
Cross-site Scripting
|
CVE-2023-0926
|
2024-09-27 10:01 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
735
|
5.4 |
MEDIUM
Network
|
dfactory
|
responsive_lightbox
|
The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.4.7 due to insufficient input sanitization…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6870
|
2024-09-27 09:52 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
736
|
5.4 |
MEDIUM
Network
|
posimyth
|
the_plus_addons_for_elementor
|
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the carousel_direction para…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5583
|
2024-09-27 09:47 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
737
|
8.1 |
HIGH
Network
|
pixeljar
|
favicon_generator
|
The Favicon Generator plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the output_sub_ad…
|
CWE-352
Origin Validation Error
|
CVE-2024-7568
|
2024-09-27 09:41 |
2024-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
738
|
9.8 |
CRITICAL
Network
tosei-corporation
|
online_store_management_system
|
A vulnerability classified as critical was found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04. This vulnerability affects unknown code of the component Backend. The manipulation…
|
NVD-CWE-noinfo
|
CVE-2024-7898
|
2024-09-27 09:34 |
2024-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
739
|
8.8 |
HIGH
Network
|
tosei
|
online_store_management_system
|
A vulnerability classified as critical has been found in Tosei Online Store Management System ??????????? 4.02/4.03/4.04. This affects an unknown part of the file /cgi-bin/tosei_kikai.php. The manipu…
|
CWE-77
Command Injection
|
CVE-2024-7897
|
2024-09-27 09:29 |
2024-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
740
|
- |
|
-
|
-
|
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs?. The memory leak happens in git…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2024-1394
|
2024-09-27 08:15 |
2024-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|