1221
|
7.5 |
HIGH
Network
veertu
|
anka_build_cloud
|
A directory traversal vulnerability exists in the log files download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can result in a disclosure of arbitrary files. An atta…
|
CWE-22
Path Traversal
|
CVE-2024-41922
|
2024-10-8 23:48 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1222
|
7.5 |
HIGH
Network
veertu
|
anka_build_cloud
|
A directory traversal vulnerability exists in the archive download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of arbitrary files. An attacker…
|
CWE-22
Path Traversal
|
CVE-2024-41163
|
2024-10-8 23:47 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1223
|
8.8 |
HIGH
Network
|
cisco
|
rv340_dual_wan_gigabit_vpn_router_firmware rv340w_dual_wan_gigabit_wireless-ac_vpn_router_firmware rv345_dual_wan_gigabit_vpn_router_firmware rv345p_dual_wan_gigabit_poe_vpn_router_firmware
|
A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate pr…
|
NVD-CWE-noinfo
|
CVE-2024-20393
|
2024-10-8 23:37 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1224
|
9.8 |
CRITICAL
Network
codezips
|
online_shopping_portal
|
A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username …
|
CWE-89
SQL Injection
|
CVE-2024-9460
|
2024-10-8 23:33 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1225
|
5.4 |
MEDIUM
Network
|
sulu
|
sulu
|
Sulu is a PHP content management system. Sulu is vulnerable against XSS whereas a low privileged user with access to the “Media” section can upload an SVG file with a malicious payload. Once uploaded…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47618
|
2024-10-8 23:31 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1226
|
7.2 |
HIGH
Network
|
cisco
|
unified_computing_system
|
A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to pe…
|
CWE-77
Command Injection
|
CVE-2024-20365
|
2024-10-8 23:28 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1227
|
6.1 |
MEDIUM
Network
|
sulu
|
sulu
|
Sulu is a PHP content management system. This vulnerability allows an attacker to inject arbitrary HTML/JavaScript code through the media download URL in Sulu CMS. It affects the SuluMediaBundle comp…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47617
|
2024-10-8 23:23 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1228
|
5.9 |
MEDIUM
Network
|
cisco
|
nexus_dashboard_orchestrator
|
A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard Orchestrator (NDO) could allow an unauthenticated, remote attacker to intercept sensitive information from an affected device.&n…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-20385
|
2024-10-8 23:22 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1229
|
7.5 |
HIGH
Network
hypestudio
|
social_web_suite
|
The Social Web Suite – Social Media Auto Post, Social Media Auto Publish plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.1.11 via the download_log fu…
|
CWE-22
Path Traversal
|
CVE-2024-8352
|
2024-10-8 23:17 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
1230
|
- |
|
foxit
|
pdf_reader
|
A use-after-free vulnerability exists in the way Foxit Reade 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript code inside a malicious PDF document can trigger this vuln…
|
CWE-416
Use After Free
|
CVE-2024-28888
|
2024-10-8 23:14 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|