241
|
- |
|
-
|
-
|
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked coul…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-38038
|
2024-10-5 03:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
242
|
- |
|
-
|
-
|
There is an unvalidated redirect vulnerability in Esri Portal for ArcGIS 11.0 and 10.9.1 that may allow a remote, unauthenticated attacker to craft a URL that could redirect a victim to an arbitrary …
New
|
CWE-601
Open Redirect
|
CVE-2024-38037
|
2024-10-5 03:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
243
|
- |
|
-
|
-
|
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked coul…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-38036
|
2024-10-5 03:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
244
|
- |
|
-
|
-
|
There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows and Linux x64 allows a remote authenticated attacker with administrative access to supply a crafted strin…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-25707
|
2024-10-5 03:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
245
|
- |
|
-
|
-
|
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Sites versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link that is…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-25702
|
2024-10-5 03:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
246
|
- |
|
-
|
-
|
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise Experience Builder versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-25701
|
2024-10-5 03:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
247
|
- |
|
-
|
-
|
There is a stored Cross-site Scripting vulnerability in Esri Portal for ArcGIS Enterprise versions 10.8.1 – 10.9.1 that may allow a remote, authenticated attacker to create a crafted link that is sto…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-25694
|
2024-10-5 03:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
248
|
- |
|
-
|
-
|
There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1, 10.9.1 and 10.8.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could …
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-25691
|
2024-10-5 03:15 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
249
|
4.3 |
MEDIUM
Network
|
bg5sbk
|
minicms
|
A vulnerability was found in bg5sbk MiniCMS up to 1.11 and classified as problematic. This issue affects some unknown processing of the file post-edit.php. The manipulation leads to cross-site reques…
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-9281
|
2024-10-5 03:15 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
250
|
9.8 |
CRITICAL
Network
kvf-admin_project
|
kvf-admin
|
A vulnerability has been found in kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff and classified as critical. This vulnerability affects the function fileUpload of the file FileUpl…
Update
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-9280
|
2024-10-5 03:00 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|