1111
|
6.1 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The events-manager plugin before 5.5.7.1 for WordPress has DOM XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2015-9299
|
2024-10-8 23:03 |
2019-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1112
|
9.8 |
CRITICAL
Network
pixelite
|
events_manager
|
The events-manager plugin before 5.6 for WordPress has code injection.
|
CWE-94
Code Injection
|
CVE-2015-9298
|
2024-10-8 23:03 |
2019-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1113
|
6.1 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The events-manager plugin before 5.6 for WordPress has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2015-9297
|
2024-10-8 23:03 |
2019-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1114
|
4.8 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reapproved_email_body parameter to the wp-admin/edit.php?post_type=event&page=events-manager-options URI.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13137
|
2024-10-8 23:03 |
2019-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1115
|
5.4 |
MEDIUM
Network
|
pixelite
|
events_manager
|
Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0576
|
2024-10-8 23:03 |
2018-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1116
|
5.4 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature.
|
CWE-79
Cross-site Scripting
|
CVE-2018-9020
|
2024-10-8 23:03 |
2018-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1117
|
6.5 |
MEDIUM
Network
|
openc3
|
cosmos
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. A path traversal vulnerability inside of LocalMode's open_local_file method all…
|
CWE-22
Path Traversal
|
CVE-2024-46977
|
2024-10-8 23:02 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1118
|
6.1 |
MEDIUM
Network
|
openc3
|
cosmos
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. The login functionality contains a reflected cross-site scripting (XSS) vulnera…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43795
|
2024-10-8 23:01 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1119
|
5.4 |
MEDIUM
Network
|
cisco
|
nexus_dashboard nexus_dashboard_fabric_controller
|
A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device.
This vulnerability exists becaus…
|
CWE-862
Missing Authorization
|
CVE-2024-20438
|
2024-10-8 22:54 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1120
|
9.1 |
CRITICAL
Network
|
cisco
|
rv042_firmware rv042g_firmware rv320_firmware rv325_firmware
|
A vulnerability in the web-based management interface of Cisco Small Business RV042, RV042G, RV320, and RV325 Routers could allow an authenticated, Administrator-level, remote attacker to execute arb…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-20521
|
2024-10-8 22:50 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|