211
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in Ecomerciar Woocommerce Custom Profile Picture allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Custom Profile …
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-49658
|
2024-10-24 01:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
212
|
- |
|
-
|
-
|
Missing Authorization vulnerability in ReneeCussack 3D Work In Progress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D Work In Progress: from n/a throug…
New
|
CWE-862
Missing Authorization
|
CVE-2024-49657
|
2024-10-24 01:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
213
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in James Eggers Portfolleo portfolleo allows Upload a Web Shell to a Web Server.This issue affects Portfolleo: from n/a through 1.2.
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-49653
|
2024-10-24 01:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
214
|
- |
|
-
|
-
|
Unrestricted Upload of File with Dangerous Type vulnerability in ReneeCussack 3D Work In Progress allows Upload a Web Shell to a Web Server.This issue affects 3D Work In Progress: from n/a through 1.…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-49652
|
2024-10-24 01:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
215
|
- |
|
-
|
-
|
HCL Sametime is impacted by insecure services in-use on the UIM client by default. An unused legacy REST service was enabled by default using the HTTP protocol. An attacker could potentially use this…
New
|
-
|
CVE-2024-30124
|
2024-10-24 01:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
216
|
- |
|
-
|
-
|
A vulnerability was found in ZZCMS 2023. It has been classified as critical. Affected is the function Ebak_SetGotoPak of the file 3/Ebbak5.1/upload/class/functions.php. The manipulation of the argume…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10293
|
2024-10-24 01:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
217
|
- |
|
-
|
-
|
A vulnerability was found in ZZCMS 2023 and classified as critical. This issue affects some unknown processing of the file 3/Ebak5.1/upload/ChangeTable.php. The manipulation of the argument savefilen…
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-10292
|
2024-10-24 01:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
218
|
- |
|
-
|
-
|
A vulnerability has been found in ZZCMS 2023 and classified as critical. This vulnerability affects the function Ebak_DoExecSQL/Ebak_DotranExecutSQL of the file 3/Ebak5.1/upload/phome.php. The manipu…
New
|
CWE-89
SQL Injection
|
CVE-2024-10291
|
2024-10-24 01:15 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
219
|
5.3 |
MEDIUM
Network
stylemixthemes
|
cost_calculator_builder
|
The Cost Calculator Builder PRO plugin for WordPress is vulnerable to price manipulation in all versions up to, and including, 3.2.1. This is due to the plugin allowing the price field to be manipula…
Update
|
NVD-CWE-Other
|
CVE-2024-6010
|
2024-10-24 01:15 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
220
|
- |
|
-
|
-
|
IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.3 are vulnerable to server-side request forgery (SSRF). By sending a specially crafted r…
Update
|
-
|
CVE-2024-22329
|
2024-10-24 01:15 |
2024-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|