|
2571
|
4.9 |
MEDIUM
Network
|
bowo
|
code_explorer
|
The Code Explorer plugin for WordPress is vulnerable to arbitrary external file reading in all versions up to, and including, 1.4.5. This is due to the fact that the plugin does not restrict accessin…
|
NVD-CWE-Other
|
CVE-2023-5816
|
2024-11-7 08:07 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2572
|
5.4 |
MEDIUM
Network
|
joshlobe
|
ultimate_tinymce
|
The Ultimate TinyMCE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'field' shortcode in all versions up to, and including, 5.7 due to insufficient input sanitization and o…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8627
|
2024-11-7 08:06 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2573
|
5.5 |
MEDIUM
Network
|
ibm
|
websphere_application_server
|
IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A privileged user could exploit this vulnerability to expose sens…
|
CWE-611
XXE
|
CVE-2024-45086
|
2024-11-7 08:04 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2574
|
5.3 |
MEDIUM
Network
oracle
|
installed_base
|
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability a…
|
NVD-CWE-noinfo
|
CVE-2024-21258
|
2024-11-7 07:56 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2575
|
5.4 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_cost_center_common_application_objects
|
Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Activity Guide Composer). The supported version that is affected is 9.2. Easily exp…
|
NVD-CWE-noinfo
|
CVE-2024-21264
|
2024-11-7 07:56 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2576
|
3.0 |
LOW
Adjacent
|
oracle
|
hyperion_bi\+
|
Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization). The supported version that is affected is 11.2.18.0.000. Easily exploitable vulnerability allo…
|
NVD-CWE-noinfo
|
CVE-2024-21257
|
2024-11-7 07:55 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2577
|
8.1 |
HIGH
Network
|
oracle
|
process_manufacturing_product_development
|
Vulnerability in the Oracle Process Manufacturing Product Development product of Oracle E-Business Suite (component: Quality Manager Specification). Supported versions that are affected are 12.2.13-…
|
NVD-CWE-noinfo
|
CVE-2024-21250
|
2024-11-7 07:54 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2578
|
4.3 |
MEDIUM
Network
|
oracle
|
peoplesoft_enterprise_fin_expenses
|
Vulnerability in the PeopleSoft Enterprise FIN Expenses product of Oracle PeopleSoft (component: Expenses). The supported version that is affected is 9.2. Easily exploitable vulnerability allows lo…
|
NVD-CWE-noinfo
|
CVE-2024-21249
|
2024-11-7 07:53 |
2024-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2579
|
8.0 |
HIGH
Network
|
romadebrian
|
web-sekolah
|
A vulnerability classified as critical was found in romadebrian WEB-Sekolah 1.0. Affected by this vulnerability is an unknown functionality of the file /Proses_Kirim.php of the component Mail Handler…
|
CWE-89
SQL Injection
|
CVE-2024-10841
|
2024-11-7 07:50 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2580
|
4.8 |
MEDIUM
Network
|
romadebrian
|
web-sekolah
|
A vulnerability classified as problematic has been found in romadebrian WEB-Sekolah 1.0. Affected is an unknown function of the file /Admin/akun_edit.php of the component Backend. The manipulation of…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10840
|
2024-11-7 07:49 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
