721
|
8.8 |
HIGH
Network
|
infomaniak
|
vod_infomaniak
|
Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Staff VOD Infomaniak allows Cross Site Request Forgery.This issue affects VOD Infomaniak: from n/a through 1.5.7.
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-49274
|
2024-10-23 03:39 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
722
|
8.8 |
HIGH
Network
|
northernbeacheswebsites
|
ideapush
|
Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson IdeaPush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through 8.69.
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-49275
|
2024-10-23 03:36 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
723
|
7.1 |
HIGH
Network
|
cisco
|
ata_191_firmware ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to modify the configuration or reboot a…
Update
|
NVD-CWE-Other
|
CVE-2024-20463
|
2024-10-23 03:36 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
724
|
8.8 |
HIGH
Network
|
wp-buy
|
wp_content_copy_protection_\&_no_right_click
|
Cross-Site Request Forgery (CSRF) vulnerability in WP-buy WP Content Copy Protection & No Right Click allows Cross Site Request Forgery.This issue affects WP Content Copy Protection & No Right Click:…
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-49306
|
2024-10-23 03:35 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
725
|
8.8 |
HIGH
Network
|
boxystudio
|
cooked
|
Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0.
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-49290
|
2024-10-23 03:35 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
726
|
5.4 |
MEDIUM
Network
|
phpgurukul
|
hospital_management_system
|
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php.
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-46237
|
2024-10-23 03:35 |
2024-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
727
|
6.7 |
MEDIUM
Local
|
google
|
android
|
In camera middleware, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2023-20797
|
2024-10-23 03:35 |
2023-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
728
|
8.8 |
HIGH
Network
|
noorsplugin
|
wordpress_image_seo
|
Cross-Site Request Forgery (CSRF) vulnerability in Noor Alam WordPress Image SEO allows Cross Site Request Forgery.This issue affects WordPress Image SEO: from n/a through 1.1.4.
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-49627
|
2024-10-23 03:33 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
729
|
8.8 |
HIGH
Network
|
wpdiscover
|
photo_gallery_builder
|
Subscriber Broken Access Control in Photo Gallery Builder <= 3.0 versions.
Update
|
CWE-862
Missing Authorization
|
CVE-2024-49325
|
2024-10-23 03:33 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
730
|
5.5 |
MEDIUM
Local
|
cisco
|
ata_191_firmware ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Multiplatform Analog Telephone Adapter firmware could allow an authenticated, local attacker with low privileges to view …
Update
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2024-20462
|
2024-10-23 03:33 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|