1971
|
5.4 |
MEDIUM
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts in…
|
CWE-79
Cross-site Scripting
|
CVE-2024-34128
|
2024-09-13 00:58 |
2024-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1972
|
6.1 |
MEDIUM
Network
|
hyperview
|
geoportal_toolkit
|
HyperView Geoportal Toolkit in versions lower than 8.5.0 is vulnerable to Reflected Cross-Site Scripting (XSS). An unauthenticated attacker might trick somebody into using a crafted URL, which will c…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6450
|
2024-09-13 00:42 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1973
|
4.1 |
MEDIUM
Network
|
ibm
|
cloud_pak_for_security qradar_suite
|
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.11.0 and IBM QRadar Suite Software 1.10.12.0 through 1.10.23.0 does not invalidate session after logout which could allow another user to obtai…
|
CWE-613
Insufficient Session Expiration
|
CVE-2022-38382
|
2024-09-13 00:37 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1974
|
9.8 |
CRITICAL
Network
zioncom
|
a7000r_firmware
|
An issue in ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154 allows an attacker to execute arbitrary code via the cig-bin/cstecgi.cgi to the settings/setPasswordCfg function.
|
NVD-CWE-noinfo
|
CVE-2023-46510
|
2024-09-13 00:35 |
2023-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1975
|
9.8 |
CRITICAL
Network
contec
|
solarview_compact_firmware
|
An issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.
|
NVD-CWE-noinfo
|
CVE-2023-46509
|
2024-09-13 00:35 |
2023-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1976
|
7.5 |
HIGH
Network
gougucms
|
gougucms
|
gougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to arbitrarily reset users' passwords via a crafted packet.
|
NVD-CWE-noinfo
|
CVE-2023-46393
|
2024-09-13 00:35 |
2023-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1977
|
7.8 |
HIGH
Local
|
cmsmadesimple
|
cms_made_simple
|
An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload to the Content Manager Menu component.
|
NVD-CWE-Other
|
CVE-2023-43352
|
2024-09-13 00:35 |
2023-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1978
|
7.5 |
HIGH
Network
linecorp
|
line
|
An issue in rmc R Beauty CLINIC Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request.
|
NVD-CWE-noinfo
|
CVE-2023-38848
|
2024-09-13 00:35 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1979
|
7.5 |
HIGH
Network
linecorp
|
line
|
An issue in CHRISTINA JAPAN Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request.
|
NVD-CWE-noinfo
|
CVE-2023-38847
|
2024-09-13 00:35 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1980
|
7.5 |
HIGH
Network
linecorp
|
line
|
An issue in Marbre Lapin Line v.13.6.1 allows a remote attacker to obtain sensitive information via crafted GET request.
|
NVD-CWE-noinfo
|
CVE-2023-38846
|
2024-09-13 00:35 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|