811
|
- |
|
-
|
-
|
Use after free in Dawn in Google Chrome on Windows prior to 129.0.6668.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
-
|
CVE-2024-9120
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
812
|
- |
|
-
|
-
|
Vulnerability in Scriptcase version 9.4.019 that consists of a Cross-Site Scripting (XSS), due to the lack of input validation, affecting the “id_form_msg_title” parameter, among others. This vulnera…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8942
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
813
|
- |
|
-
|
-
|
Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nm_edit_php_edit.php (in the “subpage” parameter), which allows unauthenticated remote users to bypass Security…
|
CWE-22
Path Traversal
|
CVE-2024-8941
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
814
|
- |
|
-
|
-
|
Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload of a file via /scriptcase/devel/lib/third/jquery_plugin/jQuery-File-Upload/server/php/ via a POST requ…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8940
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
815
|
- |
|
-
|
-
|
The Confetti Fall Animation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'confetti-fall-animation' shortcode in all versions up to, and including, 1.3.0 due to i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8919
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
816
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The AnWP Football Leagues plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 0.16.7 due to insufficient input sanitization an…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8917
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
817
|
7.2 |
HIGH
Network
-
|
-
|
The Thanh Toán Quét Mã QR Code T? ??ng – MoMo, ViettelPay, VNPay và 40 ngân hàng Vi?t Nam plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 2.0.1…
|
-
|
CVE-2024-8914
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
818
|
- |
|
-
|
-
|
The password recovery mechanism for the forgotten password in Riello Netman 204 allows an attacker to reset the admin password and take over control of the device.This issue affects Netman 204: throu…
|
-
|
CVE-2024-8878
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
819
|
- |
|
-
|
-
|
Improper neutralization of special elements results in a SQL Injection vulnerability in Riello Netman 204. It is only limited to the SQLite database of measurement data.This issue affects Netman 204:…
|
-
|
CVE-2024-8877
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
820
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Happy Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.12.2 via the Content Switcher widget. This makes it possibl…
|
CWE-200
Information Exposure
|
CVE-2024-8801
|
2024-09-26 22:32 |
2024-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|