241
|
- |
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in CodePassenger Job Board Manager for WordPress allows Privilege Escalation.This issue affects Job Board Manager for WordPress: from n/a through 1.0.
New
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2024-49322
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
242
|
- |
|
-
|
-
|
Deserialization of Untrusted Data vulnerability in Scott Olson My Reading Library allows Object Injection.This issue affects My Reading Library: from n/a through 1.0.
New
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-49318
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
243
|
- |
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ZIPANG Point Maker allows PHP Local File Inclusion.This issue affects Point Ma…
New
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2024-49317
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
244
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in ?? JiangQie Free Mini Program allows Upload a Web Shell to a Web Server.This issue affects JiangQie Free Mini Program: from n/a throug…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-49314
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
245
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in RudeStan VKontakte Wall Post allows Stored XSS.This issue affects VKontakte Wall Post: from n/a through 2.0.
New
|
-
|
CVE-2024-49313
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
246
|
- |
|
-
|
-
|
Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge.This issue affects Edwiser Bridge: from n/a through 3.0.7.
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2024-49312
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
247
|
- |
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPFactory Email Verification for WooCommerce allows SQL Injection.This issue affects Email Verifi…
New
|
CWE-89
SQL Injection
|
CVE-2024-49305
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
248
|
- |
|
-
|
-
|
Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System allows Stored XSS.This issue affects Pinpoint Booking System: from n/a through 2.9.9.5.1.
New
|
CWE-352
Origin Validation Error
|
CVE-2024-49304
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
249
|
- |
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Surfer allows SQL Injection.This issue affects Surfer: from n/a through 1.5.0.502.
New
|
CWE-89
SQL Injection
|
CVE-2024-49299
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
250
|
- |
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zoho CRM Zoho CRM Lead Magnet allows SQL Injection.This issue affects Zoho CRM Lead Magnet: from …
New
|
CWE-89
SQL Injection
|
CVE-2024-49297
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|