|
2311
|
9.8 |
CRITICAL
Network
codezips
|
isp_management_system
|
A vulnerability was found in Codezips ISP Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file pay.php. The manipulation of the argument …
|
CWE-89
SQL Injection
|
CVE-2024-10751
|
2024-11-7 02:34 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2312
|
4.8 |
MEDIUM
Network
|
podsfoundation
|
pods
|
The Pods WordPress plugin before 3.2.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even w…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9883
|
2024-11-7 02:32 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2313
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function getOneFileDirectory of the file /com/esafenet/servlet/fileManagement/FileDirectory…
|
CWE-89
SQL Injection
|
CVE-2024-10502
|
2024-11-7 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2314
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function findById of the file /com/esafenet/servlet/document/ExamCDGDocService.java. The manipulation …
|
CWE-89
SQL Injection
|
CVE-2024-10501
|
2024-11-7 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2315
|
4.3 |
MEDIUM
Network
|
octolize
|
woocommerce_ups_shipping
|
The WooCommerce UPS Shipping – Live Rates and Access Points plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_oauth_data function…
|
CWE-862
Missing Authorization
|
CVE-2024-9109
|
2024-11-7 02:18 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2316
|
5.4 |
MEDIUM
Network
|
neumann
|
n-line
|
N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be direct…
|
CWE-94
Code Injection
|
CVE-2024-47158
|
2024-11-7 02:10 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2317
|
7.5 |
HIGH
Network
neumann
|
musasi
|
MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.
|
NVD-CWE-Other
|
CVE-2024-45785
|
2024-11-7 02:08 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2318
|
9.8 |
CRITICAL
Network
lindeni
|
multi_purpose_mail_form
|
Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail Form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a throu…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50526
|
2024-11-7 02:07 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2319
|
7.5 |
HIGH
Network
stacksmarket
|
stacks_mobile_app_builder
|
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stacks Stacks Mobile App Builder allows Retrieve Embedded Sensitive Data.This issue affects Stacks Mobile A…
|
NVD-CWE-Other
|
CVE-2024-50528
|
2024-11-7 02:06 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2320
|
9.8 |
CRITICAL
Network
stacksmarket
|
stacks_mobile_app_builder
|
Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder allows Upload a Web Shell to a Web Server.This issue affects Stacks Mobile App Builder: from n/a thro…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50527
|
2024-11-7 02:06 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
