2001
|
8.8 |
HIGH
Network
|
pricelisto
|
great_restaurant_menu_wp
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection.This issue affects Best Restau…
|
CWE-89
SQL Injection
|
CVE-2024-38793
|
2024-09-14 05:57 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2002
|
5.5 |
MEDIUM
Local
|
ibm
|
mq_operator
|
IBM MQ Operator 2.0.26 and 3.2.4 could allow a local user to cause a denial of service due to improper memory allocation causing a segmentation fault.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2024-40680
|
2024-09-14 05:55 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2003
|
6.1 |
MEDIUM
Network
|
wpengine
|
advanced_custom_fields
|
Cross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier and Advanced Custom Fields Pro versions 6.3.5 and earlier. If an attacker with the 'capability' setting …
|
CWE-79
Cross-site Scripting
|
CVE-2024-45429
|
2024-09-14 05:48 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2004
|
8.8 |
HIGH
Network
|
dell
|
smartfabric_os10
|
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A…
|
CWE-77
Command Injection
|
CVE-2024-38486
|
2024-09-14 05:36 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2005
|
7.2 |
HIGH
Network
|
wedevs
|
wp_user_frontend
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a throug…
|
CWE-89
SQL Injection
|
CVE-2024-38693
|
2024-09-14 05:35 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2006
|
5.4 |
MEDIUM
Network
|
qnap
|
notes_station_3
|
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We hav…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27126
|
2024-09-14 05:31 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2007
|
7.5 |
HIGH
Network
accordors
|
accord_ors
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data.This issue affects Accord ORS: before 7.3.2.1.
|
NVD-CWE-noinfo
|
CVE-2024-1744
|
2024-09-14 05:30 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2008
|
6.1 |
MEDIUM
Network
|
br-automation
|
industrial_automation_aprol
|
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's brows…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5624
|
2024-09-14 05:23 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2009
|
7.8 |
HIGH
Local
|
br-automation
|
industrial_automation_aprol
|
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated …
|
CWE-426
Untrusted Search Path
|
CVE-2024-5622
|
2024-09-14 05:21 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2010
|
7.8 |
HIGH
Local
|
br-automation
|
industrial_automation_aprol
|
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges.
|
CWE-426
Untrusted Search Path
|
CVE-2024-5623
|
2024-09-14 05:19 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|