|
2051
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Text Prompter – Unlimited chatgpt text prompts for openai tasks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'text_prompter' shortcode in all versions up to,…
|
CWE-79
Cross-site Scripting
|
CVE-2024-11896
|
2024-12-24 18:15 |
2024-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2052
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Loan Comparison plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'loancomparison' shortcode in all versions up to, and including, 2.0 due to insufficient input s…
|
CWE-79
Cross-site Scripting
|
CVE-2024-12814
|
2024-12-24 16:15 |
2024-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2053
|
- |
|
-
|
-
|
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can create an NVR log file in a directory one level higher on the system, which ca…
|
-
|
CVE-2024-41887
|
2024-12-24 15:15 |
2024-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2054
|
- |
|
-
|
-
|
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker could inject malformed data into url input parameters to reboot the NVR. The manuf…
|
-
|
CVE-2024-41886
|
2024-12-24 15:15 |
2024-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2055
|
- |
|
-
|
-
|
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. The seed string for the encrypt key was hardcoding. The manufacturer has released patch firmwa…
|
-
|
CVE-2024-41885
|
2024-12-24 15:15 |
2024-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2056
|
- |
|
-
|
-
|
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. If an attacker does not enter any value for a specific URL parameter, NULL pointer references …
|
-
|
CVE-2024-41884
|
2024-12-24 15:15 |
2024-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2057
|
- |
|
-
|
-
|
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the
NVR
. An attacker enters a special value for a specific URL parameter, resulting in a NULL point…
|
-
|
CVE-2024-41883
|
2024-12-24 15:15 |
2024-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2058
|
- |
|
-
|
-
|
Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can cause a stack overflow by entering large data into URL parameters, which will …
|
-
|
CVE-2024-41882
|
2024-12-24 15:15 |
2024-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2059
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The WordPress Simple Shopping Cart plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_cart_button' and 'wp_cart_display_product' shortcodes in all versions up to, …
|
CWE-79
Cross-site Scripting
|
CVE-2024-12622
|
2024-12-24 15:15 |
2024-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2060
|
8.8 |
HIGH
Network
|
-
|
-
|
The Custom Login Page Styler – Login Protected Private Site , Change wp-admin login url , WordPress login logo , Temporary admin login access , Rename login , Login customizer, Hide wp-login – Limit …
|
CWE-862
Missing Authorization
|
CVE-2024-12594
|
2024-12-24 15:15 |
2024-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
