|
314621
|
5.4 |
MEDIUM
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver Application Server ABAP allows
an unauthenticated attacker to craft a URL link that could bypass allowlist
controls. Depending on the web applications provided by this server, the
…
|
NVD-CWE-noinfo
|
CVE-2024-41732
|
2024-09-12 02:52 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314622
|
4.3 |
MEDIUM
Network
|
sap
|
business_objects_business_intelligence_platform
|
SAP BusinessObjects Business Intelligence
Platform allows an authenticated attacker to upload malicious code over the
network, that could be executed by the application. On successful exploitation,
t…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-41731
|
2024-09-12 02:48 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314623
|
5.4 |
MEDIUM
Network
|
wpeka
|
wp_adcenter
|
The WP AdCenter – Ad Manager & Adsense Ads plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ad_alignment’ attribute in all versions up to, and including, 2.5.6 due to insuff…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8317
|
2024-09-12 02:46 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314624
|
4.3 |
MEDIUM
Network
|
wpshuffle
|
frontend_post_submission_manager
|
The Frontend Post Submission Manager Lite – Frontend Posting WordPress Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the save_glo…
|
CWE-862
Missing Authorization
|
CVE-2024-8427
|
2024-09-12 02:41 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314625
|
8.8 |
HIGH
Network
|
nvidia
|
mlnx-os
mlnx-gw
onyx
nvda-os_xc
|
NVIDIA Mellanox OS, ONYX, Skyway, MetroX-2 and MetroX-3 XC contain a vulnerability in the LDAP AAA component, where a user can cause improper access. A successful exploit of this vulnerability might …
|
NVD-CWE-Other
|
CVE-2024-0104
|
2024-09-12 02:40 |
2024-08-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314626
|
4.8 |
MEDIUM
Network
|
themegrill
|
himalayas
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeGrill Himalayas allows Stored XSS.This issue affects Himalayas: from n/a through 1.3.…
|
CWE-79
Cross-site Scripting
|
CVE-2024-39629
|
2024-09-12 02:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314627
|
4.8 |
MEDIUM
Network
|
imagely
|
nextgen_gallery
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Imagely NextGEN Gallery allows Stored XSS.This issue affects NextGEN Gallery: from n/a thr…
|
CWE-79
Cross-site Scripting
|
CVE-2024-39627
|
2024-09-12 02:35 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314628
|
8.8 |
HIGH
Network
|
nvidia
|
mellanox_os
onyx
skyway
metrox-3_xc
metrox-2
|
NVIDIA Mellanox OS, ONYX, Skyway, and MetroX-3 XCC contain a vulnerability in the web support, where an attacker can cause a CGI path traversal by a specially crafted URI. A successful exploit of thi…
|
CWE-22
Path Traversal
|
CVE-2024-0113
|
2024-09-12 02:34 |
2024-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314629
|
6.1 |
MEDIUM
Network
|
metagauss
|
registrationmagic
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RegistrationMagic Forms RegistrationMagic allows Stored XSS.This issue affects Registratio…
|
CWE-79
Cross-site Scripting
|
CVE-2024-39643
|
2024-09-12 02:33 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314630
|
5.4 |
MEDIUM
Network
|
modernaweb
|
black_widgets_for_elementor
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black W…
|
CWE-79
Cross-site Scripting
|
CVE-2024-39644
|
2024-09-12 02:31 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
