1231
|
8.8 |
HIGH
Network
|
cisco
|
nexus_dashboard_fabric_controller
|
A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command injection attack agains…
|
CWE-77
Command Injection
|
CVE-2024-20432
|
2024-10-8 23:10 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1232
|
6.1 |
MEDIUM
Network
|
pixelite
|
events_manager
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixelite Events Manager allows Reflected XSS.This issue affects Events Manager: from n/a through …
|
CWE-79
Cross-site Scripting
|
CVE-2023-48326
|
2024-10-8 23:03 |
2023-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1233
|
6.1 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape some search parameter before outputing them in pages, which could lead to Cross-Site Scripting issues
|
CWE-79
Cross-site Scripting
|
CVE-2020-35037
|
2024-10-8 23:03 |
2021-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1234
|
7.2 |
HIGH
Network
|
pixelite
|
events_manager
|
The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape a parameter before using it in a SQL statement, leading to an SQL Injection
|
CWE-89
SQL Injection
|
CVE-2020-35012
|
2024-10-8 23:03 |
2021-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1235
|
5.4 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The events-manager plugin through 5.9.5 for WordPress (aka Events Manager) is susceptible to Stored XSS due to improper encoding and insertion of data provided to the attribute map_style of shortcode…
|
CWE-79
Cross-site Scripting
|
CVE-2019-16523
|
2024-10-8 23:03 |
2019-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1236
|
6.1 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The events-manager plugin before 5.3.6.1 for WordPress has XSS via the booking form and admin areas.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7480
|
2024-10-8 23:03 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1237
|
6.1 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The events-manager plugin before 5.3.9 for WordPress has XSS in the search form field.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7479
|
2024-10-8 23:03 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1238
|
6.1 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The events-manager plugin before 5.5 for WordPress has XSS via EM_Ticket::get_post.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7478
|
2024-10-8 23:03 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1239
|
6.1 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The events-manager plugin before 5.5.2 for WordPress has XSS in the booking form.
|
CWE-79
Cross-site Scripting
|
CVE-2013-7477
|
2024-10-8 23:03 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
1240
|
6.1 |
MEDIUM
Network
|
pixelite
|
events_manager
|
The events-manager plugin before 5.1.7 for WordPress has XSS via JSON call links.
|
CWE-79
Cross-site Scripting
|
CVE-2012-6716
|
2024-10-8 23:03 |
2019-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|