1041
|
5.4 |
MEDIUM
Network
|
mayurik
|
best_house_rental_management_system
|
A vulnerability has been found in SourceCodester Best House Rental Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /ajax.ph…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9033
|
2024-09-28 00:56 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1042
|
6.1 |
MEDIUM
Network
|
xootix
|
waitlist_woocommerce
|
The Waitlist Woocommerce ( Back in stock notifier ) plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8724
|
2024-09-28 00:56 |
2024-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1043
|
9.8 |
CRITICAL
Network
code-projects
|
blood_bank_system
|
A vulnerability classified as critical was found in code-projects Blood Bank System 1.0. This vulnerability affects unknown code of the file /admin/blood/update/o-.php. The manipulation of the argume…
|
CWE-89
SQL Injection
|
CVE-2024-9094
|
2024-09-28 00:54 |
2024-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1044
|
5.5 |
MEDIUM
Local
|
code-projects
|
blood_bank_management_system
|
A vulnerability, which was classified as problematic, was found in code-projects Blood Bank Management System 1.0. This affects an unknown part of the component Password Handler. The manipulation lea…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-9040
|
2024-09-28 00:53 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1045
|
5.4 |
MEDIUM
Network
|
wpgogo
|
custom_field_template
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hiroaki Miyashita Custom Field Template allows Stored XSS.This issue affects Custom Field …
|
CWE-79
Cross-site Scripting
|
CVE-2024-44062
|
2024-09-28 00:49 |
2024-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1046
|
5.4 |
MEDIUM
Network
|
mediaron
|
custom_query_blocks
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MediaRon LLC Custom Query Blocks allows Stored XSS.This issue affects Custom Query Blocks:…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44059
|
2024-09-28 00:33 |
2024-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1047
|
6.1 |
MEDIUM
Network
|
mohammadarif
|
opor_ayam
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mohammad Arif Opor Ayam allows Reflected XSS.This issue affects Opor Ayam: from n/a throug…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44053
|
2024-09-28 00:32 |
2024-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1048
|
4.8 |
MEDIUM
Network
|
acquia
|
mautic
|
With access to edit a Mautic form, the attacker can add Cross-Site Scripting stored in the html filed. This could be used to steal sensitive information from the user's current session.
|
CWE-79
Cross-site Scripting
|
CVE-2024-47058
|
2024-09-28 00:31 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1049
|
6.1 |
MEDIUM
Network
|
acquia
|
mautic
|
Prior to this patch being applied, Mautic's tracking was vulnerable to Cross-Site Scripting through the Page URL variable.
|
CWE-79
Cross-site Scripting
|
CVE-2024-47050
|
2024-09-28 00:29 |
2024-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1050
|
8.8 |
HIGH
Network
|
purestorage
|
purity\/\/fa purity\/\/fb
|
A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute arbitrary commands remotely through a specifically crafted SNMP configuration.
|
CWE-77
Command Injection
|
CVE-2024-0005
|
2024-09-28 00:25 |
2024-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|