|
313001
|
5.4 |
MEDIUM
Network
|
seacms
|
seacms
|
A cross-site scripting (XSS) vulnerability in the component admin_ads.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ad descript…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44919
|
2024-09-7 07:54 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313002
|
9.8 |
CRITICAL
Network
|
deltaww
|
dtn_soft
|
Delta Electronics DTN Soft version 2.0.1 and prior are vulnerable to an attacker achieving remote code execution through a deserialization of untrusted data vulnerability.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8255
|
2024-09-7 07:53 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313003
|
7.5 |
HIGH
Network
|
wolfssl
|
wolfssl
|
In function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked. Specifically, the function X509_check_host() takes in a pointer and le…
|
CWE-125
Out-of-bounds Read
|
CVE-2024-5991
|
2024-09-7 07:51 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313004
|
9.8 |
CRITICAL
Network
|
hp
|
security_manager
|
HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries.
|
NVD-CWE-noinfo
|
CVE-2024-7720
|
2024-09-7 07:33 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313005
|
6.1 |
MEDIUM
Network
|
gazelle_project
|
gazelle
|
A cross-site scripting (XSS) vulnerability in the component /managers/enable_requests.php of Gazelle commit 63b3370 allows attackers to execute arbitrary web scripts or HTML via a crafted payload inj…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44797
|
2024-09-7 07:27 |
2024-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313006
|
6.5 |
MEDIUM
Network
|
beikeshop
|
beikeshop
|
A vulnerability, which was classified as problematic, was found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. This affects the function exportZip of the file /admin/file_manager/expo…
|
CWE-22
Path Traversal
|
CVE-2024-8165
|
2024-09-7 07:20 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313007
|
8.8 |
HIGH
Network
|
beikeshop
|
beikeshop
|
A vulnerability, which was classified as critical, has been found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. Affected by this issue is the function rename of the file /Admin/Http/…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8164
|
2024-09-7 07:19 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313008
|
8.1 |
HIGH
Network
|
beikeshop
|
beikeshop
|
A vulnerability classified as critical was found in Chengdu Everbrite Network Technology BeikeShop up to 1.5.5. Affected by this vulnerability is the function destroyFiles of the file /admin/file_man…
|
CWE-22
Path Traversal
|
CVE-2024-8163
|
2024-09-7 07:18 |
2024-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313009
|
- |
|
-
|
-
|
Rejected reason: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that the issue does not pose a secu…
|
-
|
CVE-2024-8439
|
2024-09-7 07:15 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313010
|
8.1 |
HIGH
Network
|
ivanti
|
neurons_for_itsm
|
Improper certificate validation in Ivanti ITSM on-prem and Neurons for ITSM Versions 2023.4 and earlier allows a remote attacker in a MITM position to craft a token that would allow access to ITSM as…
|
CWE-295
Improper Certificate Validation
|
CVE-2024-7570
|
2024-09-7 06:59 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
