|
314551
|
- |
|
-
|
-
|
An issue in Shanghai Zhouma Network Technology CO., Ltd IMS Intelligent Manufacturing Collaborative Internet of Things System v.1.9.1 allows a remote attacker to escalate privileges via the open port.
|
-
|
CVE-2024-44439
|
2024-10-9 01:35 |
2024-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314552
|
5.4 |
MEDIUM
Network
|
memberful
|
memberful
|
The Memberful – Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'memberful_buy_subscription_link' and 'memberful_podcasts_link' shortcodes in all …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9242
|
2024-10-9 01:26 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314553
|
4.8 |
MEDIUM
Network
|
wpbookingcalendar
|
wp_booking_calendar
|
The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 10.6 due to insufficient input sanitization and outp…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9306
|
2024-10-9 01:25 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314554
|
6.1 |
MEDIUM
Network
|
plainware
|
shiftcontroller
|
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys in all versions up to, and including, 4.9.66 due to insufficient input …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9435
|
2024-10-9 01:22 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314555
|
5.4 |
MEDIUM
Network
|
sigmadevs
|
easy_demo_importer
|
The Easy Demo Importer – A Modern One-Click Demo Import Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.2 due…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9071
|
2024-10-9 01:21 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314556
|
4.3 |
MEDIUM
Adjacent
|
cisco
|
ios_xe
|
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device.
This vulnerabili…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-20434
|
2024-10-9 01:20 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314557
|
5.4 |
MEDIUM
Network
|
remilia
|
re\
|
The Re:WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9271
|
2024-10-9 01:17 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314558
|
6.5 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device.
…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2024-20515
|
2024-10-9 01:11 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314559
|
6.1 |
MEDIUM
Network
|
tychesoftwares
|
product_delivery_date_for_woocommerce
|
The Product Delivery Date for WooCommerce – Lite plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all ve…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9345
|
2024-10-9 01:10 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314560
|
6.7 |
MEDIUM
Local
|
synology
|
drive_client
|
Out-of-bounds write vulnerability in backup task management functionality in Synology Drive Client before 3.4.0-15721 allows local users with administrator privileges to execute arbitrary commands vi…
|
CWE-787
Out-of-bounds Write
|
CVE-2022-49039
|
2024-10-9 01:08 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
