|
491
|
5.4 |
MEDIUM
Network
|
-
|
-
|
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3
could allow an authenticated user to inject malicious information or obtain information from log files due to improper log neutralizatio…
New
|
CWE-117
Improper Output Neutralization for Logs
|
CVE-2024-52891
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
492
|
5.3 |
MEDIUM
Network
-
|
-
|
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could disclose sensitive system information to an unauthorized actor that could be used in further attacks against the system.
New
|
CWE-497
Exposure of Sensitive System Information to an Unauthorized Control Sphere
|
CVE-2024-52367
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
493
|
5.9 |
MEDIUM
Network
|
-
|
-
|
IBM Concert Software 1.0.0, 1.0.1, 1.0.2, 1.0.2.1, and 1.0.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An…
New
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-52366
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
494
|
5.3 |
MEDIUM
Network
-
|
-
|
The RSVP and Event Management plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on several AJAX functions like bulk_delete_attendees() and bulk_delete_questi…
New
|
CWE-862
Missing Authorization
|
CVE-2024-12711
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
495
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The BWD Elementor Addons plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.18 in widgets/bwdeb-content-switcher.php. This makes it possibl…
New
|
CWE-200
Information Exposure
|
CVE-2024-12532
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
496
|
- |
|
-
|
-
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal.
An attacker can write to arbitr…
New
|
-
|
CVE-2024-12425
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
497
|
5.3 |
MEDIUM
Network
-
|
-
|
The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the export_popup_action() function in all versions up to, and including, 4.8.…
New
|
CWE-862
Missing Authorization
|
CVE-2024-12316
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
498
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Jupiter X Core plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the sync_libraries() function in all versions up to, and including, 4.8.5. This makes…
New
|
CWE-862
Missing Authorization
|
CVE-2024-12033
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
499
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Quill Forms | The Best Typeform Alternative | Create Conversational Multi Step Form, Survey, Quiz, Cost Estimation or Donation Form on WordPress plugin for WordPress is vulnerable to Stored Cross…
New
|
CWE-79
Cross-site Scripting
|
CVE-2024-11826
|
2025-01-7 21:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
500
|
- |
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Service Shogun Ach Invoice App allows PHP Local File Inclusion.This issue affe…
New
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2025-22364
|
2025-01-7 20:15 |
2025-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
