|
2331
|
5.4 |
MEDIUM
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the conte…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43723
|
2024-12-17 23:54 |
2024-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2332
|
5.4 |
MEDIUM
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the conte…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43722
|
2024-12-17 23:49 |
2024-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2333
|
5.4 |
MEDIUM
Network
|
adobe
|
experience_manager
|
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited by an attacker to execute arbitrary code in the conte…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43721
|
2024-12-17 23:49 |
2024-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2334
|
9.8 |
CRITICAL
Network
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mobil365 Informatics Saha365 App allows SQL Injection.This issue affects Saha365 App: before 30.0…
|
CWE-89
SQL Injection
|
CVE-2024-8972
|
2024-12-17 23:15 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
2335
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Authorization Bypass Through User-Controlled Key vulnerability in NextGeography NG Analyser allows Functionality Misuse.This issue affects NG Analyser: before 2.2.711.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-9819
|
2024-12-17 22:15 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2336
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.4.8 in inc/Widgets/accordion/output/content.php. Th…
|
CWE-200
Information Exposure
|
CVE-2024-10356
|
2024-12-17 22:15 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2337
|
3.7 |
LOW
Network
|
-
|
-
|
The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. This is due to a lack of sufficient validation checks within the 'verify_guest_e…
|
CWE-863
Incorrect Authorization
|
CVE-2024-9654
|
2024-12-17 21:15 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2338
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Authentication Bypass by Assumed-Immutable Data vulnerability in Digital Operation Services WiFiBurada allows Manipulating User-Controlled Variables.This issue affects WiFiBurada: before 1.0.5.
|
CWE-302
CWE-799
Authentication Bypass by Assumed-Immutable Data
Improper Control of Interaction Frequency
|
CVE-2024-8475
|
2024-12-17 21:15 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2339
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Improper Restriction of Excessive Authentication Attempts vulnerability in Digital Operation Services WiFiBurada allows Use of Known Domain Credentials.This issue affects WiFiBurada: before 1.0.5.
|
CWE-201
CWE-307
Insertion of Sensitive Information Into Sent Data
mproper Restriction of Excessive Authentication Attempts
|
CVE-2024-8429
|
2024-12-17 21:15 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2340
|
- |
|
-
|
-
|
Dell AppSync, version 4.6.0.x, contain a Symbolic Link (Symlink) Following vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to informat…
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2024-52542
|
2024-12-17 21:15 |
2024-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
