|
314701
|
5.4 |
MEDIUM
Network
|
webcraftplugins
|
image_map_pro
|
The Image Map Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'save_project' function with an arbitrary shortcode in versions up to, and including, 6.0.20 due to insuffi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9585
|
2024-11-6 02:05 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314702
|
9.8 |
CRITICAL
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function deleteHook of the file /com/esafenet/servlet/policy/HookService.java. The manipulation of the…
|
CWE-89
SQL Injection
|
CVE-2024-10660
|
2024-11-6 02:04 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314703
|
9.8 |
CRITICAL
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by this issue is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/document/CDGAuthor…
|
CWE-89
SQL Injection
|
CVE-2024-10659
|
2024-11-6 02:04 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314704
|
5.4 |
MEDIUM
Network
|
webcraftplugins
|
image_map_pro
|
The Image Map Pro plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the AJAX functions in versions up to, and including, 6.…
|
CWE-862
Missing Authorization
|
CVE-2024-9584
|
2024-11-6 02:04 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314705
|
3.5 |
LOW
Network
|
mattermost
|
mattermost
|
Mattermost versions 9.11.X <= 9.11.1, 9.5.x <= 9.5.9 icorrectly issues two sessions when using desktop SSO - one in the browser and one in desktop with incorrect settings.
|
NVD-CWE-Other
|
CVE-2024-10214
|
2024-11-6 02:03 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314706
|
9.8 |
CRITICAL
Network
|
fabinros
|
simple_car_rental_system
|
A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname le…
|
CWE-89
SQL Injection
|
CVE-2024-10702
|
2024-11-6 01:52 |
2024-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314707
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
car_rental_portal
|
A vulnerability was found in PHPGurukul Car Rental Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /search.php. The manipulation of the argument s…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10701
|
2024-11-6 01:52 |
2024-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314708
|
6.5 |
MEDIUM
Network
|
cert
|
vince
|
VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-10469
|
2024-11-6 01:51 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314709
|
4.8 |
MEDIUM
Adjacent
|
argo_workflows_project
|
argo_workflows
|
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controll…
|
CWE-362
CWE-1108
Race Condition
Excessive Reliance on Global Variables
|
CVE-2024-47827
|
2024-11-6 01:50 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314710
|
7.5 |
HIGH
Network
|
squid-cache
|
squid
|
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to Input Validation, Premature Release of Resource During Expected Lifetime, and Missing Release of Resour…
|
NVD-CWE-noinfo
|
CVE-2024-45802
|
2024-11-6 01:45 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
