|
314861
|
8.8 |
HIGH
Network
|
siamonhasan
|
warehouse_inventory_system
|
A Cross-Site Request Forgery (CSRF) in the component edit_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
|
CWE-352
Origin Validation Error
|
CVE-2024-42580
|
2024-08-21 22:39 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314862
|
8.8 |
HIGH
Network
|
siamonhasan
|
warehouse_inventory_system
|
A Cross-Site Request Forgery (CSRF) in the component delete_user.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
|
CWE-352
Origin Validation Error
|
CVE-2024-42583
|
2024-08-21 22:38 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314863
|
8.8 |
HIGH
Network
|
siamonhasan
|
warehouse_inventory_system
|
A Cross-Site Request Forgery (CSRF) in the component delete_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
|
CWE-352
Origin Validation Error
|
CVE-2024-42582
|
2024-08-21 22:38 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314864
|
8.8 |
HIGH
Network
|
siamonhasan
|
warehouse_inventory_system
|
A Cross-Site Request Forgery (CSRF) in the component delete_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
|
CWE-352
Origin Validation Error
|
CVE-2024-42581
|
2024-08-21 22:38 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314865
|
8.8 |
HIGH
Network
|
siamonhasan
|
warehouse_inventory_system
|
A Cross-Site Request Forgery (CSRF) in the component delete_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges.
|
CWE-352
Origin Validation Error
|
CVE-2024-42584
|
2024-08-21 22:37 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314866
|
5.4 |
MEDIUM
Network
|
friendica
|
friendica
|
Friendica 2024.03 is vulnerable to Cross Site Scripting (XSS) in settings/profile via the homepage, xmpp, and matrix parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2024-39094
|
2024-08-21 22:31 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314867
|
7.5 |
HIGH
Network
|
keyfactor
|
command
|
Keyfactor Command 10.5.x before 10.5.1 and 11.5.x before 11.5.1 allows SQL Injection which could result in information disclosure.
|
CWE-89
SQL Injection
|
CVE-2024-34458
|
2024-08-21 22:31 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314868
|
7.5 |
HIGH
Network
|
keyfactor
|
aws_orchestrator
|
Keyfactor AWS Orchestrator through 2.0 allows Information Disclosure.
|
NVD-CWE-noinfo
|
CVE-2024-42006
|
2024-08-21 22:26 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314869
|
8.8 |
HIGH
Network
|
pligg
|
pligg_cms
|
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=clearall
|
CWE-352
Origin Validation Error
|
CVE-2024-42603
|
2024-08-21 22:21 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314870
|
8.8 |
HIGH
Network
|
pligg
|
pligg_cms
|
Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/admin_backup.php?dobackup=avatars
|
CWE-352
Origin Validation Error
|
CVE-2024-42609
|
2024-08-21 22:12 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
