|
1071
|
- |
|
-
|
-
|
Local privilege escalation due to excessive permissions assigned to Tray Monitor service. The following products are affected: Acronis Cyber Protect 16 (Linux, macOS, Windows) before build 39169, Acr…
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2024-55542
|
2025-01-3 01:15 |
2025-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1072
|
- |
|
-
|
-
|
Stored cross-site scripting (XSS) vulnerability due to missing origin validation in postMessage. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 39169.
|
CWE-79
Cross-site Scripting
|
CVE-2024-55541
|
2025-01-3 01:15 |
2025-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1073
|
- |
|
-
|
-
|
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect 16 (Windows) before build 39169.
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2024-55540
|
2025-01-3 01:15 |
2025-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1074
|
- |
|
-
|
-
|
Kentico CMS in version 7 is vulnerable to a Reflected XSS attacks through manipulation of a specific GET request parameter sent to /CMSMessages/AccessDenied.aspx endpoint.
Notably, support for this …
|
-
|
CVE-2024-12907
|
2025-01-3 01:15 |
2025-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1075
|
- |
|
-
|
-
|
Missing Authorization vulnerability in Liquid Web / StellarWP GiveWP.This issue affects GiveWP: from n/a through 2.25.1.
|
CWE-862
Missing Authorization
|
CVE-2023-23672
|
2025-01-3 01:15 |
2025-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1076
|
- |
|
-
|
-
|
Missing Authorization vulnerability in JoomUnited WP Table Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Table Manager: from n/a through 3.5.2.
|
CWE-862
Missing Authorization
|
CVE-2022-47601
|
2025-01-3 01:15 |
2025-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1077
|
- |
|
-
|
-
|
Missing Authorization vulnerability in WeyHan Ng Post Teaser.This issue affects Post Teaser: from n/a through 4.1.5.
|
CWE-862
Missing Authorization
|
CVE-2022-45811
|
2025-01-3 01:15 |
2025-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1078
|
- |
|
-
|
-
|
A vulnerability, which was classified as critical, was found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/deleteuser.php. The manipulation of the argument id l…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2025-0171
|
2025-01-3 00:15 |
2025-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1079
|
- |
|
-
|
-
|
MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0…
|
CWE-78
OS Command
|
CVE-2024-56137
|
2025-01-3 00:15 |
2025-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1080
|
- |
|
-
|
-
|
Sensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before build 41725, Acronis True Image (Windows) before build 41736.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-55538
|
2025-01-3 00:15 |
2025-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
