1981
|
7.2 |
HIGH
Network
|
microsoft
|
sharepoint_server
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43464
|
2024-09-13 23:48 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1982
|
7.8 |
HIGH
Local
|
microsoft
|
365_apps office excel office_long_term_servicing_channel office_online_server
|
Microsoft Excel Elevation of Privilege Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43465
|
2024-09-13 23:46 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1983
|
6.5 |
MEDIUM
Network
|
xyzscripts
|
insert_php_code_snippet
|
The Insert PHP Code Snippet plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3.6. This is due to missing or incorrect nonce validation in the /…
|
CWE-352
Origin Validation Error
|
CVE-2024-7420
|
2024-09-13 23:45 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1984
|
7.5 |
HIGH
Network
microsoft
|
sharepoint_server
|
Microsoft SharePoint Server Denial of Service Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43466
|
2024-09-13 23:44 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1985
|
7.3 |
HIGH
Network
|
microsoft
|
windows_server_2008
|
Microsoft Windows Admin Center Information Disclosure Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43475
|
2024-09-13 23:42 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1986
|
5.4 |
MEDIUM
Network
|
crocoblock
|
jetelements
|
The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'slide_id' parameters in all versions up to, and including, 2.6.20 due to insufficient input sanitiz…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7144
|
2024-09-13 23:40 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1987
|
5.4 |
MEDIUM
Network
|
microsoft
|
dynamics_365
|
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
|
CWE-79
Cross-site Scripting
|
CVE-2024-43476
|
2024-09-13 23:39 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1988
|
8.8 |
HIGH
Network
|
crocoblock
|
jetelements
|
The JetElements plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.6.20 via the 'progress_type' parameter. This makes it possible for authenticated att…
|
CWE-22
Path Traversal
|
CVE-2024-7145
|
2024-09-13 23:39 |
2024-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1989
|
8.5 |
HIGH
Network
|
microsoft
|
power_automate
|
Microsoft Power Automate Desktop Remote Code Execution Vulnerability
|
NVD-CWE-noinfo
|
CVE-2024-43479
|
2024-09-13 23:38 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1990
|
4.3 |
MEDIUM
Network
|
bricksbuilder
|
bricks
|
The Bricks theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.8.1. This is due to missing or incorrect nonce validation on the 'save_settings' functio…
|
CWE-352
Origin Validation Error
|
CVE-2023-3408
|
2024-09-13 23:37 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|