1661
|
- |
|
-
|
-
|
eNMS 4.4.0 to 4.7.1 is vulnerable to Directory Traversal via edit_file.
|
-
|
CVE-2024-46644
|
2024-09-26 22:32 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1662
|
- |
|
-
|
-
|
SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although the system has a check function, the check function is not executed during execution, allowing remote…
|
-
|
CVE-2024-46640
|
2024-09-26 22:32 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1663
|
- |
|
-
|
-
|
SEMCMS 4.8 is vulnerable to SQL Injection via SEMCMS_Main.php.
|
-
|
CVE-2024-46103
|
2024-09-26 22:32 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1664
|
- |
|
-
|
-
|
GDidees CMS <= v3.9.1 has a file upload vulnerability.
|
-
|
CVE-2024-46101
|
2024-09-26 22:32 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1665
|
- |
|
-
|
-
|
A stored cross-site scripting (XSS) vulnerability in the Add Scheduled Task module of Maccms10 v2024.1000.4040 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
|
-
|
CVE-2024-46654
|
2024-09-26 22:32 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1666
|
- |
|
-
|
-
|
Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. An attacker can potentially replace the cont…
|
CWE-200
Information Exposure
|
CVE-2024-42351
|
2024-09-26 22:32 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1667
|
- |
|
-
|
-
|
Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations en…
|
CWE-79
Cross-site Scripting
|
CVE-2024-42346
|
2024-09-26 22:32 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1668
|
- |
|
-
|
-
|
Confidant is a open source secret management service that provides user-friendly storage and access to secrets. The following endpoints are subject to a cross site scripting vulnerability: GET /v1/cr…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45793
|
2024-09-26 22:32 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1669
|
- |
|
-
|
-
|
Navidrome is an open source web-based music collection server and streamer. Navidrome automatically adds parameters in the URL to SQL queries. This can be exploited to access information by adding pa…
|
CWE-89
SQL Injection
|
CVE-2024-47062
|
2024-09-26 22:32 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1670
|
- |
|
-
|
-
|
Plate is a javascript toolkit that makes it easier for you to develop with Slate, a popular framework for building text editors. One longstanding feature of Plate is the ability to add custom DOM att…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47061
|
2024-09-26 22:32 |
2024-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|