|
1691
|
6.1 |
MEDIUM
Network
|
solarwinds
|
solarwinds_platform
|
Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).
|
CWE-79
Cross-site Scripting
|
CVE-2022-36965
|
2024-09-17 03:15 |
2022-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1692
|
8.8 |
HIGH
Network
|
aioseo
|
all_in_one_seo
|
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in All in One SEO plugin <= 4.2.3.1 at WordPress.
|
CWE-352
Origin Validation Error
|
CVE-2022-38093
|
2024-09-17 03:15 |
2022-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1693
|
7.3 |
HIGH
Local
|
miele
|
benchmark_programming_tool
|
In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated by attackers are unknowingly executed with users privileges. An attacker with low privileges may trick …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2022-22521
|
2024-09-17 03:15 |
2022-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1694
|
5.4 |
MEDIUM
Network
|
wp-downloadmanager_project
|
wp-downloadmanager
|
Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin <= 1.68.6 versions.
|
CWE-79
Cross-site Scripting
|
CVE-2021-44760
|
2024-09-17 03:15 |
2022-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1695
|
4.8 |
MEDIUM
Network
|
ampforwp
|
accelerated_mobile_pages
|
Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability discovered in AMP for WP – Accelerated Mobile Pages plugin <= 1.0.77.31 versions.
|
CWE-79
Cross-site Scripting
|
CVE-2021-23150
|
2024-09-17 03:15 |
2022-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1696
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb
|
An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential denial of service on secondaries. This…
|
CWE-20
Improper Input Validation
|
CVE-2021-20330
|
2024-09-17 03:15 |
2021-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1697
|
8.2 |
HIGH
Network
|
cusmin
|
absolutely_glamorous_custom_admin
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cusmin AGCA - Absolutely Glamorous Custom Admin (WordPress plugin) allows Stored XSS.This issue a…
|
CWE-79
Cross-site Scripting
|
CVE-2021-36823
|
2024-09-17 03:15 |
2021-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1698
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb
|
A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use the $mod operator to overflow negative values. This issue affects: MongoDB …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2019-2392
|
2024-09-17 03:15 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1699
|
8.1 |
HIGH
Network
|
dell
|
powermax_os
emc_unisphere_for_powermax_virtual_appliance
emc_unisphere_for_powermax
|
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate …
|
CWE-295
Improper Certificate Validation
|
CVE-2020-5367
|
2024-09-17 03:15 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1700
|
8.8 |
HIGH
Network
|
solarwinds
|
access_rights_manager
|
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. If exploited, this vulnerability would allow an authenticated user to abuse the service, r…
|
NVD-CWE-noinfo
|
CVE-2024-28991
|
2024-09-17 03:06 |
2024-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
