|
1941
|
- |
|
-
|
-
|
This High severity Stored XSS vulnerability was introduced in version 2.7.0 of Confluence Data Center.
This Stored XSS vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to …
|
-
|
CVE-2024-21678
|
2024-11-1 01:35 |
2024-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1942
|
7.5 |
HIGH
Network
totolink
|
cp300\+_firmware
|
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.
|
NVD-CWE-noinfo
|
CVE-2023-34669
|
2024-11-1 01:35 |
2023-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1943
|
7.8 |
HIGH
Local
|
google
|
android
|
In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. This could lead to local escalation of privilege wi…
|
NVD-CWE-noinfo
|
CVE-2023-35692
|
2024-11-1 01:35 |
2023-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1944
|
5.3 |
MEDIUM
Network
ovaledge
|
ovaledge
|
OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserType. No authentication is required. The information disclosed is associated with…
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2022-30361
|
2024-11-1 01:34 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1945
|
6.1 |
MEDIUM
Network
|
coralwebdesign
|
cwd_3d_image_gallery
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Coral Web Design CWD 3D Image Gallery allows Reflected XSS.This issue affects CWD 3D Image…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49632
|
2024-11-1 01:31 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1946
|
4.7 |
MEDIUM
Network
|
ovaledge
|
ovaledge
|
OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST request to /user/assignuserrole via the userid and role parameters . Authentication is required with OE_ADM…
|
CWE-863
Incorrect Authorization
|
CVE-2022-30356
|
2024-11-1 01:31 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1947
|
6.1 |
MEDIUM
Network
|
rimonhabib
|
bp_member_type_manager
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Rimon Habib BP Member Type Manager allows Reflected XSS.This issue affects BP Member Type …
|
CWE-79
Cross-site Scripting
|
CVE-2024-49634
|
2024-11-1 01:30 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1948
|
4.3 |
MEDIUM
Network
|
gaizhenbiao
|
chuanhuchatgpt
|
In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. When a user logs in, a…
|
NVD-CWE-noinfo
|
CVE-2024-8143
|
2024-11-1 01:23 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1949
|
6.1 |
MEDIUM
Network
|
tidaweb
|
tida_url_screenshot
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tidaweb Tida URL Screenshot allows Reflected XSS.This issue affects Tida URL Screenshot: f…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49641
|
2024-11-1 01:05 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1950
|
6.1 |
MEDIUM
Network
|
amadercodelab
|
acl_floating_cart_for_woocommerce
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AmaderCode Lab ACL Floating Cart for WooCommerce allows Reflected XSS.This issue affects A…
|
CWE-79
Cross-site Scripting
|
CVE-2024-49640
|
2024-11-1 01:04 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
