751
|
8.8 |
HIGH
Network
|
bhaskardhote
|
back_link_tracker
|
Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Back Link Tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through 1.0.0.
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-49617
|
2024-10-23 01:51 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
752
|
8.8 |
HIGH
Network
|
jordanlyall
|
mytweetlinks
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a th…
Update
|
CWE-89
SQL Injection
|
CVE-2024-49618
|
2024-10-23 01:50 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
753
|
8.8 |
HIGH
Network
|
henriquerodrigues
|
safetyforms
|
Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through 1.0.0.
Update
|
CWE-352
Origin Validation Error
|
CVE-2024-49615
|
2024-10-23 01:43 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
754
|
5.4 |
MEDIUM
Network
|
k2-service
|
product_customizer_light
|
The Product Customizer Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-9848
|
2024-10-23 01:42 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
755
|
8.8 |
HIGH
Network
|
nyasro
|
rate_own_post
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nyasro Rate Own Post allows Blind SQL Injection.This issue affects Rate Own Post: from n/a throug…
Update
|
CWE-89
SQL Injection
|
CVE-2024-49616
|
2024-10-23 01:41 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
756
|
7.4 |
HIGH
Network
|
bitdefender
|
total_security
|
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate …
Update
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6055
|
2024-10-23 01:39 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
757
|
6.8 |
MEDIUM
Network
|
bitdefender
|
total_security
|
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM S…
Update
|
CWE-295
Improper Certificate Validation
|
CVE-2023-49567
|
2024-10-23 01:39 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
758
|
7.4 |
HIGH
Network
|
bitdefender
|
total_security
|
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of certificates issued using the DSA signature algorithm. The product…
Update
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6057
|
2024-10-23 01:38 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
759
|
7.4 |
HIGH
Network
|
bitdefender
|
total_security
|
A vulnerability has been discovered in Bitdefender Total Security HTTPS scanning functionality that results in the improper trust of self-signed certificates. The product is found to trust certificat…
Update
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6056
|
2024-10-23 01:38 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
760
|
6.5 |
MEDIUM
Network
|
marvinlabs
|
wp_customer_area
|
The WP Customer Area WordPress plugin before 8.2.1 does not properly validates user capabilities in some of its AJAX actions, allowing any users to retrieve other user's account address.
Update
|
NVD-CWE-noinfo
|
CVE-2023-6824
|
2024-10-23 01:35 |
2024-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|