11
|
8.4 |
HIGH
Local
|
-
|
-
|
ANCHOR from Global Wisdom Software is an integrated product running on a Windows virtual machine. The underlying Windows OS of the product contains high-privilege service accounts. If these accounts …
New
|
CWE-1392
Use of Default Credentials
|
CVE-2024-12902
|
2024-12-23 20:15 |
2024-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
12
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘size’ parameter in all versions up to, and including, 1.6.46 due to insufficient input…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-11230
|
2024-12-23 14:15 |
2024-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
13
|
- |
|
-
|
-
|
A vulnerability classified as critical was found in FoxCMS up to 1.2. Affected by this vulnerability is an unknown functionality of the file /app/api/controller/Site.php of the component API Endpoint…
New
|
CWE-285 CWE-266
Improper Authorization Incorrect Privilege Assignment
|
CVE-2024-12901
|
2024-12-23 11:15 |
2024-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
14
|
- |
|
-
|
-
|
A vulnerability classified as critical has been found in FoxCMS up to 1.2. Affected is an unknown function of the file /install/installdb.php of the component Configuration File Handler. The manipula…
New
|
CWE-94 CWE-74
Code Injection Injection
|
CVE-2024-12900
|
2024-12-23 11:15 |
2024-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
15
|
- |
|
-
|
-
|
home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the configuration restore function. An arbitrary OS command may be executed with the root privilege by an admini…
New
|
CWE-78
OS Command
|
CVE-2024-54082
|
2024-12-23 10:15 |
2024-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
16
|
- |
|
-
|
-
|
Multiple SHARP routers contain an improper authentication vulnerability in the configuration backup function. The product's backup files containing sensitive information may be retrieved by a remote …
New
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2024-52321
|
2024-12-23 10:15 |
2024-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
17
|
- |
|
-
|
-
|
home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the pro…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-47864
|
2024-12-23 10:15 |
2024-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
18
|
- |
|
-
|
-
|
Multiple SHARP routers leave the hidden debug function enabled. An arbitrary OS command may be executed with the root privilege by a remote unauthenticated attacker.
New
|
CWE-489
Exposure of Data Element to Wrong Session
|
CVE-2024-46873
|
2024-12-23 10:15 |
2024-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
19
|
- |
|
-
|
-
|
home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the HOST name configuration screen. An arbitrary OS command may be executed with the root…
New
|
CWE-78
OS Command
|
CVE-2024-45721
|
2024-12-23 10:15 |
2024-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
20
|
- |
|
-
|
-
|
A vulnerability was found in 1000 Projects Attendance Tracking Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/course_action.php. T…
New
|
CWE-89 CWE-74
SQL Injection Injection
|
CVE-2024-12899
|
2024-12-23 10:15 |
2024-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|