|
313611
|
9.8 |
CRITICAL
Network
|
e4jconnect
|
vikrentcar
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E4J s.R.L. VikRentCar allows SQL Injection.This issue affects VikRentCar: from n/a through 1.4.0.
|
CWE-89
SQL Injection
|
CVE-2024-39653
|
2024-09-14 06:03 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313612
|
8.8 |
HIGH
Network
|
roundupwp
|
registrations_for_the_events_calendar
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roundup WP Registrations for the Events Calendar allows SQL Injection.This issue affects Registra…
|
CWE-89
SQL Injection
|
CVE-2024-39638
|
2024-09-14 06:00 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313613
|
8.8 |
HIGH
Network
|
pricelisto
|
great_restaurant_menu_wp
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection.This issue affects Best Restau…
|
CWE-89
SQL Injection
|
CVE-2024-38793
|
2024-09-14 05:57 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313614
|
6.1 |
MEDIUM
Network
|
wpengine
|
advanced_custom_fields
|
Cross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier and Advanced Custom Fields Pro versions 6.3.5 and earlier. If an attacker with the 'capability' setting …
|
CWE-79
Cross-site Scripting
|
CVE-2024-45429
|
2024-09-14 05:48 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313615
|
8.8 |
HIGH
Network
|
dell
|
smartfabric_os10
|
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A…
|
CWE-77
Command Injection
|
CVE-2024-38486
|
2024-09-14 05:36 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313616
|
7.2 |
HIGH
Network
|
wedevs
|
wp_user_frontend
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a throug…
|
CWE-89
SQL Injection
|
CVE-2024-38693
|
2024-09-14 05:35 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313617
|
5.4 |
MEDIUM
Network
|
qnap
|
notes_station_3
|
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We hav…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27126
|
2024-09-14 05:31 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313618
|
7.5 |
HIGH
Network
|
accordors
|
accord_ors
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data.This issue affects Accord ORS: before 7.3.2.1.
|
NVD-CWE-noinfo
|
CVE-2024-1744
|
2024-09-14 05:30 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313619
|
6.1 |
MEDIUM
Network
|
br-automation
|
industrial_automation_aprol
|
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's brows…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5624
|
2024-09-14 05:23 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313620
|
7.8 |
HIGH
Local
|
br-automation
|
industrial_automation_aprol
|
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated …
|
CWE-426
Untrusted Search Path
|
CVE-2024-5622
|
2024-09-14 05:21 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
