2841
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function getOneFileDirectory of the file /com/esafenet/servlet/fileManagement/FileDirectory…
|
CWE-89
SQL Injection
|
CVE-2024-10502
|
2024-11-7 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2842
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function findById of the file /com/esafenet/servlet/document/ExamCDGDocService.java. The manipulation …
|
CWE-89
SQL Injection
|
CVE-2024-10501
|
2024-11-7 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2843
|
4.3 |
MEDIUM
Network
|
octolize
|
woocommerce_ups_shipping
|
The WooCommerce UPS Shipping – Live Rates and Access Points plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the delete_oauth_data function…
|
CWE-862
Missing Authorization
|
CVE-2024-9109
|
2024-11-7 02:18 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2844
|
5.4 |
MEDIUM
Network
|
neumann
|
n-line
|
N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be direct…
|
CWE-94
Code Injection
|
CVE-2024-47158
|
2024-11-7 02:10 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2845
|
7.5 |
HIGH
Network
neumann
|
musasi
|
MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.
|
NVD-CWE-Other
|
CVE-2024-45785
|
2024-11-7 02:08 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2846
|
9.8 |
CRITICAL
Network
lindeni
|
multi_purpose_mail_form
|
Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail Form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a throu…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50526
|
2024-11-7 02:07 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2847
|
7.5 |
HIGH
Network
stacksmarket
|
stacks_mobile_app_builder
|
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stacks Stacks Mobile App Builder allows Retrieve Embedded Sensitive Data.This issue affects Stacks Mobile A…
|
NVD-CWE-Other
|
CVE-2024-50528
|
2024-11-7 02:06 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2848
|
9.8 |
CRITICAL
Network
stacksmarket
|
stacks_mobile_app_builder
|
Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder allows Upload a Web Shell to a Web Server.This issue affects Stacks Mobile App Builder: from n/a thro…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50527
|
2024-11-7 02:06 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
2849
|
8.8 |
HIGH
Network
|
rudrainnovative
|
training_-_courses
|
Unrestricted Upload of File with Dangerous Type vulnerability in Rudra Innnovative Software Training – Courses allows Upload a Web Shell to a Web Server.This issue affects Training – Courses: from n/…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50529
|
2024-11-7 02:04 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2850
|
9.8 |
CRITICAL
Network
dfactory
|
responsive_lightbox
|
Missing Authorization vulnerability in dFactory Responsive Lightbox allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Lightbox: from n/a through 2.4.7.
|
CWE-862
Missing Authorization
|
CVE-2024-43924
|
2024-11-7 02:03 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|