|
312411
|
7.8 |
HIGH
Local
|
automationanywhere
|
automation_360
|
A CSV injection vulnerability in Automation Anywhere Automation 360 version 21094 allows attackers to execute arbitrary code via a crafted payload. NOTE: Automation Anywhere disputes this report, arg…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2024-41226
|
2024-09-4 06:15 |
2024-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312412
|
9.8 |
CRITICAL
Network
|
project_expense_monitoring_system_project
|
project_expense_monitoring_system
|
A vulnerability classified as critical was found in itsourcecode Project Expense Monitoring System 1.0. This vulnerability affects unknown code of the file printtransfer.php. The manipulation of the …
|
CWE-89
SQL Injection
|
CVE-2024-7937
|
2024-09-4 05:43 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312413
|
9.8 |
CRITICAL
Network
|
project_expense_monitoring_system_project
|
project_expense_monitoring_system
|
A vulnerability classified as critical has been found in itsourcecode Project Expense Monitoring System 1.0. This affects an unknown part of the file transferred_report.php. The manipulation of the a…
|
CWE-89
SQL Injection
|
CVE-2024-7936
|
2024-09-4 05:43 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312414
|
5.4 |
MEDIUM
Network
|
rems
|
leads_manager_tool
|
A vulnerability has been found in SourceCodester Leads Manager Tool 1.0 and classified as problematic. This vulnerability affects unknown code of the file update-leads.php. The manipulation of the ar…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7942
|
2024-09-4 05:39 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312415
|
- |
|
-
|
-
|
ClickHouse v24.3.3.102 was discovered to contain a buffer overflow via the component DB::evaluateConstantExpressionImpl.
|
-
|
CVE-2024-41436
|
2024-09-4 05:35 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312416
|
- |
|
-
|
-
|
A CSV injection vulnerability in Lime Survey v6.5.12 allows attackers to execute arbitrary code via uploading a crafted CSV file.
|
-
|
CVE-2024-42901
|
2024-09-4 05:35 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312417
|
8.8 |
HIGH
Network
|
adonesevangelista
|
laravel_property_management_system
|
A vulnerability was found in itsourcecode Laravel Property Management System 1.0 and classified as critical. This issue affects the function upload of the file PropertiesController.php. The manipulat…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7943
|
2024-09-4 05:35 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312418
|
5.4 |
MEDIUM
Network
|
posimyth
|
the_plus_addons_for_elementor
|
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the video_date attribute wi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5763
|
2024-09-4 05:31 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312419
|
5.4 |
MEDIUM
Network
|
posimyth
|
the_plus_addons_for_elementor
|
The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘res_width_value’ param…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6575
|
2024-09-4 05:30 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312420
|
5.4 |
MEDIUM
Network
|
sayandatta
|
wp_last_modified_info
|
The WP Last Modified Info plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘template’ attribute of the lmt-post-modified-info shortcode in all versions up to, and including, …
|
CWE-79
Cross-site Scripting
|
CVE-2024-6864
|
2024-09-4 05:22 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
