2001
|
9.8 |
CRITICAL
Network
sherlock
|
gym_management_system
|
Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerabili…
|
CWE-89
SQL Injection
|
CVE-2023-37068
|
2024-09-25 10:15 |
2023-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2002
|
7.5 |
HIGH
Network
hitachienergy
|
rtu500_firmware
|
A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with su…
|
CWE-787
Out-of-bounds Write
|
CVE-2022-4608
|
2024-09-25 10:15 |
2023-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2003
|
3.3 |
LOW
Local
|
silabs
|
gecko_software_development_kit
|
Buffer overflow in Platform CLI component in Silicon Labs Gecko SDK v4.2.1 and earlier allows user to overwrite limited structures on the heap.
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2023-2687
|
2024-09-25 10:15 |
2023-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2004
|
7.5 |
HIGH
Network
hitachienergy
|
rtu500_firmware
|
A vulnerability exists in the HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured wit…
|
CWE-20
Improper Input Validation
|
CVE-2022-2502
|
2024-09-25 10:15 |
2023-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2005
|
9.8 |
CRITICAL
Network
ivanti
|
virtual_traffic_management
|
Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.
|
CWE-287
Improper Authentication
|
CVE-2024-7593
|
2024-09-25 10:00 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2006
|
5.4 |
MEDIUM
Network
|
cyberhobo
|
geo_mashup
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS.This issue affects Geo Mashup: from n/a through 1.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44008
|
2024-09-25 07:08 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2007
|
6.1 |
MEDIUM
Network
|
sktthemes
|
skt_templates
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Templates – Elementor & Gutenberg templates allows Reflected XSS.This issue…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44007
|
2024-09-25 07:08 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2008
|
6.1 |
MEDIUM
Network
|
wclovers
|
wcfm_marketplace
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WC Lovers WCFM Marketplace allows Reflected XSS.This issue affects WCFM Marketplace: from …
|
CWE-79
Cross-site Scripting
|
CVE-2024-44009
|
2024-09-25 07:06 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2009
|
5.4 |
MEDIUM
Network
|
idxbroker
|
impress_for_idx_broker
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in IDX Broker IMPress for IDX Broker allows Stored XSS.This issue affects IMPress for IDX Bro…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44047
|
2024-09-25 07:05 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2010
|
5.4 |
MEDIUM
Network
|
cryoutcreations
|
verbosa
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Verbosa allows Stored XSS.This issue affects Verbosa: from n/a through 1.2…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44050
|
2024-09-25 07:04 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|