|
1051
|
- |
|
-
|
-
|
A remote code execution vulnerability exists in the affected
product. The vulnerability allows users to save projects within the public
directory allowing anyone with local access to modify and/or de…
New
|
-
|
CVE-2024-37365
|
2024-11-13 00:48 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1052
|
- |
|
-
|
-
|
A vulnerability was found in ZZCMS up to 2023. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/msg.php. The manipulation of the argument keyw…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2024-11130
|
2024-11-13 00:48 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1053
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Job Recruitment up to 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin.php. The manipulat…
New
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11127
|
2024-11-13 00:48 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1054
|
- |
|
-
|
-
|
A vulnerability was found in Digistar AG-30 Plus 2.6b. It has been classified as problematic. Affected is an unknown function of the component Login Page. The manipulation leads to improper restricti…
New
|
CWE-307
CWE-799
mproper Restriction of Excessive Authentication Attempts
Improper Control of Interaction Frequency
|
CVE-2024-11126
|
2024-11-13 00:48 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1055
|
- |
|
-
|
-
|
A vulnerability was found in GetSimpleCMS 3.3.16 and classified as problematic. This issue affects some unknown processing of the file /admin/profile.php. The manipulation leads to cross-site request…
New
|
CWE-352
CWE-862
Origin Validation Error
Missing Authorization
|
CVE-2024-11125
|
2024-11-13 00:48 |
2024-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1056
|
- |
|
-
|
-
|
A vulnerability has been found in TimGeyssens UIOMatic 5 and classified as critical. This vulnerability affects unknown code of the file /src/UIOMatic/wwwroot/backoffice/resources/uioMaticObject.r. T…
New
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11124
|
2024-11-13 00:48 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1057
|
5.4 |
MEDIUM
Network
|
markjaquith
|
subscribe_to_comments
|
A vulnerability, which was classified as problematic, was found in Subscribe to Comments Plugin up to 2.0.7 on WordPress. This affects an unknown part of the file subscribe-to-comments.php. The manip…
Update
|
CWE-79
Cross-site Scripting
|
CVE-2006-10001
|
2024-11-13 00:38 |
2023-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1058
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate authorization of a user to query the "/api/sftp/users" endpoin…
New
|
-
|
CVE-2024-46894
|
2024-11-13 00:35 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1059
|
5.3 |
MEDIUM
Network
-
|
-
|
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthent…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2024-46891
|
2024-11-13 00:35 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
1060
|
- |
|
-
|
-
|
The RSS Feed Widget WordPress plugin before 3.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could al…
New
|
-
|
CVE-2024-9836
|
2024-11-13 00:35 |
2024-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
