2641
|
5.3 |
MEDIUM
Network
spa-cart
|
spa-cartcms
|
A vulnerability, which was classified as problematic, has been found in spa-cartcms 1.9.0.6. This issue affects some unknown processing of the file /checkout of the component Checkout Page. The manip…
|
NVD-CWE-Other
|
CVE-2024-6128
|
2024-09-21 08:21 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2642
|
9.8 |
CRITICAL
Network
brainstormforce
|
convert_pro
|
Missing Authorization vulnerability in Brainstorm Force Convert Pro.This issue affects Convert Pro: from n/a through 1.7.5.
|
CWE-862
Missing Authorization
|
CVE-2023-36684
|
2024-09-21 08:19 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2643
|
8.8 |
HIGH
Network
|
brainstormforce
|
spectra
|
Missing Authorization vulnerability in Brainstorm Force Spectra.This issue affects Spectra: from n/a through 2.6.6.
|
CWE-862
Missing Authorization
|
CVE-2023-36676
|
2024-09-21 08:11 |
2024-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2644
|
5.4 |
MEDIUM
Network
|
thinksaas
|
thinksaas
|
A vulnerability, which was classified as problematic, has been found in ThinkSAAS 3.7.0. This issue affects some unknown processing of the file app/system/action/do.php. The manipulation of the argum…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6941
|
2024-09-21 08:08 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2645
|
5.4 |
MEDIUM
Network
|
thinksaas
|
thinksaas
|
A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. Affected is an unknown function of the file app/system/action/anti.php of the component Admin Panel Security Center…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6942
|
2024-09-21 07:59 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2646
|
6.1 |
MEDIUM
Network
|
xinhu
|
rockoa
|
A vulnerability was found in Xinhu RockOA 2.6.3 and classified as problematic. Affected by this issue is the function okla of the file /webmain/public/upload/tpl_upload.html. The manipulation of the …
|
CWE-79
Cross-site Scripting
|
CVE-2024-6939
|
2024-09-21 07:55 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2647
|
8.8 |
HIGH
Network
|
zhongbangkeji
|
crmeb
|
A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this vulnerability is the function downloadImage of the file app/services/product/product/Cop…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-6943
|
2024-09-21 07:51 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2648
|
7.5 |
HIGH
Network
zhongbangkeji
|
crmeb
|
A vulnerability was found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this issue is the function get_image_base64 of the file PublicController.php. The manipulation of …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-6944
|
2024-09-21 07:49 |
2024-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2649
|
9.1 |
CRITICAL
Network
wcms
|
wcms
|
A vulnerability classified as critical was found in vedees wcms up to 0.3.2. Affected by this vulnerability is an unknown functionality of the file /wex/finder.php. The manipulation of the argument p…
|
CWE-22
Path Traversal
|
CVE-2024-8875
|
2024-09-21 07:44 |
2024-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2650
|
7.5 |
HIGH
Network
smart-hmi
|
webiq
|
The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system.
|
CWE-22
Path Traversal
|
CVE-2024-8752
|
2024-09-21 07:42 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|