381
|
- |
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPManageNinja LLC Fluent Support allows SQL Injection.This issue affects Fluent Support: from n/a…
|
CWE-89
SQL Injection
|
CVE-2024-47304
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
382
|
- |
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in easy.Jobs EasyJobs allows Reflected XSS.This issue affects EasyJobs: from n/a through 2.4.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43997
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
383
|
- |
|
-
|
-
|
The affected product is vulnerable to an attacker being able to use commands without providing a password which may allow an attacker to leak information.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-49399
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
384
|
- |
|
-
|
-
|
The affected product is vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute code.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-49398
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
385
|
- |
|
-
|
-
|
The affected product is vulnerable to a cross-site scripting attack which may allow an attacker to bypass authentication and takeover admin accounts.
|
CWE-79
Cross-site Scripting
|
CVE-2024-49397
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
386
|
- |
|
-
|
-
|
The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-49396
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
387
|
- |
|
-
|
-
|
Tenda G3 v15.01.0.5(2848_755)_EN was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root
|
-
|
CVE-2024-48192
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
388
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loade…
|
CWE-94
Code Injection
|
CVE-2024-10073
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
389
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. This issue affects the function actionAddEncryptPolicyGroup of the file /com/esafenet/servlet/policy/EncryptPolicy…
|
CWE-89
SQL Injection
|
CVE-2024-10072
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
390
|
- |
|
-
|
-
|
In LAquis SCADA version 4.7.1.511, a cross-site scripting vulnerability could allow an attacker to inject arbitrary code into a web page. This could allow an attacker to steal cookies, redirect users…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9414
|
2024-10-18 21:52 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|