|
371
|
7.5 |
HIGH
Network
automaticsystems
|
soc_fl9600_firstlane_firmware
|
An issue in Automatic Systems SOC FL9600 FirstLane V06 lego_T04E00 allows a remote attacker to obtain sensitive information because there is an automaticsystems super admin account with astech as its…
Update
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2023-37608
|
2024-10-31 13:15 |
2024-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
372
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Easy SVG Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output …
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-9708
|
2024-10-31 12:15 |
2024-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
373
|
- |
|
-
|
-
|
Piwigo v14.5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit album function.
New
|
-
|
CVE-2024-48311
|
2024-10-31 11:15 |
2024-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
374
|
- |
|
-
|
-
|
A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file birdsupdate.php. The manipulation of the argument id…
New
|
-
|
CVE-2024-10561
|
2024-10-31 11:15 |
2024-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
375
|
- |
|
-
|
-
|
A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. Affected by this issue is the function details of the component Passport Number Handler. …
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2024-10559
|
2024-10-31 11:15 |
2024-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
376
|
5.3 |
MEDIUM
Network
-
|
-
|
The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.1.7 through publicly exposed log files. This makes it possible…
New
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-10544
|
2024-10-31 11:15 |
2024-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
377
|
9.8 |
CRITICAL
Network
swoopnow
|
1-click_login\
|
Authentication Bypass by Primary Weakness vulnerability in Swoop 1-Click Login: Passwordless Authentication allows Authentication Bypass.This issue affects 1-Click Login: Passwordless Authentication:…
Update
|
CWE-287
Improper Authentication
|
CVE-2024-50478
|
2024-10-31 10:44 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
378
|
5.4 |
MEDIUM
Network
|
amilia
|
store
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Martin Drapeau Amilia Store allows Stored XSS.This issue affects Amilia Store: from n/a th…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-50472
|
2024-10-31 10:42 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
379
|
5.4 |
MEDIUM
Network
|
checklist
|
trip_plan
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Checklist Trip Plan allows Stored XSS.This issue affects Trip Plan: from n/a through 1.0.1…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-50471
|
2024-10-31 10:37 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
380
|
5.4 |
MEDIUM
Network
|
themes4wp
|
youtube_external_subtitles
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themes4WP Themes4WP YouTube External Subtitles allows Stored XSS.This issue affects Themes…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2024-50470
|
2024-10-31 10:30 |
2024-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
