501
|
- |
|
-
|
-
|
phpIPAM version 1.5.1 contains a vulnerability where an attacker can bypass the IP block mechanism to brute force passwords for users by using the 'X-Forwarded-For' header. The issue lies in the 'get…
New
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2024-0787
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
502
|
- |
|
-
|
-
|
A use after free vulnerability exists in GPAC version 2.3-DEV-revrelease, specifically in the gf_filterpacket_del function in filter_core/filter.c at line 38. This vulnerability can lead to a double-…
New
|
CWE-416
Use After Free
|
CVE-2023-4679
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
503
|
- |
|
-
|
-
|
A stored Cross-site Scripting (XSS) vulnerability exists in the Conditions tab of Pricing Rules in pimcore/pimcore versions 10.5.19. The vulnerability is present in the From and To fields of the Date…
New
|
CWE-79
Cross-site Scripting
|
CVE-2023-2332
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
504
|
- |
|
-
|
-
|
wallabag version 2.5.2 contains a Cross-Site Request Forgery (CSRF) vulnerability that allows attackers to arbitrarily delete user accounts via the /account/delete endpoint. This issue is fixed in ve…
New
|
CWE-352
Origin Validation Error
|
CVE-2023-0737
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
505
|
- |
|
-
|
-
|
A stored cross-site scripting (XSS) vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and r…
New
|
CWE-79
Cross-site Scripting
|
CVE-2023-0109
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
506
|
- |
|
-
|
-
|
A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter duri…
New
|
CWE-78
OS Command
|
CVE-2022-1884
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
507
|
- |
|
-
|
-
|
A Cross-Site Scripting (XSS) vulnerability in phpipam/phpipam versions prior to 1.4.7 allows attackers to execute arbitrary JavaScript code in the browser of a victim. This vulnerability affects the …
New
|
CWE-79
Cross-site Scripting
|
CVE-2022-1226
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
508
|
- |
|
-
|
-
|
An Improper Authorization vulnerability exists in Dolibarr versions prior to the 'develop' branch. A user with restricted permissions in the 'Reception' section is able to access specific reception d…
New
|
CWE-285
Improper Authorization
|
CVE-2021-3991
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
509
|
- |
|
-
|
-
|
A Cross-site Scripting (XSS) vulnerability exists in janeczku/calibre-web, specifically in the file `edit_books.js`. The vulnerability occurs when editing book properties, such as uploading a cover o…
New
|
CWE-79
Cross-site Scripting
|
CVE-2021-3988
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
510
|
- |
|
-
|
-
|
An improper access control vulnerability exists in janeczku/calibre-web. The affected version allows users without public shelf permissions to create public shelves. The vulnerability is due to the `…
New
|
CWE-284
Improper Access Control
|
CVE-2021-3987
|
2024-11-15 22:58 |
2024-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|