|
315901
|
9.6 |
CRITICAL
Network
|
vtiger
|
vtiger_crm
|
A reflected cross-site scripting (XSS) vulnerability in the viewname parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via …
|
CWE-79
Cross-site Scripting
|
CVE-2024-44779
|
2024-09-4 03:33 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315902
|
9.6 |
CRITICAL
Network
|
vtiger
|
vtiger_crm
|
A reflected cross-site scripting (XSS) vulnerability in the tag parameter in the index page of vTiger CRM 7.4.0 allows attackers to execute arbitrary code in the context of a user's browser via injec…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44777
|
2024-09-4 03:33 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315903
|
6.1 |
MEDIUM
Network
|
vtiger
|
vtiger_crm
|
An Open Redirect vulnerability in the page parameter of vTiger CRM v7.4.0 allows attackers to redirect users to a malicious site via a crafted URL.
|
CWE-601
Open Redirect
|
CVE-2024-44776
|
2024-09-4 03:33 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315904
|
6.1 |
MEDIUM
Network
|
dedebiz
|
dedebiz
|
A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
|
CWE-79
Cross-site Scripting
|
CVE-2024-44717
|
2024-09-4 03:32 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315905
|
6.1 |
MEDIUM
Network
|
dedebiz
|
dedebiz
|
A cross-site scripting (XSS) vulnerability in DedeBIZ v6.3.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
|
CWE-79
Cross-site Scripting
|
CVE-2024-44716
|
2024-09-4 03:32 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315906
|
5.4 |
MEDIUM
Network
|
dsgvo-for-wp
|
dsgvo_all_in_one_for_wp
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael Leithold DSGVO All in one for WP allows Stored XSS.This issue affects DSGVO All in…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43964
|
2024-09-4 03:30 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315907
|
5.4 |
MEDIUM
Network
|
khoj
|
khoj
|
Khoj is an application that creates personal AI agents. The Automation feature allows a user to insert arbitrary HTML inside the task instructions, resulting in a Stored XSS. The q parameter for the …
|
CWE-79
Cross-site Scripting
|
CVE-2024-43396
|
2024-09-4 03:19 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315908
|
- |
|
-
|
-
|
Rejected reason: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that there was not reasonable evide…
|
-
|
CVE-2024-7619
|
2024-09-4 03:15 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315909
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs()
If IORESOURCE_MEM is not provided …
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-43823
|
2024-09-4 02:49 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315910
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
ASoc: PCM6240: Return directly after a failed devm_kzalloc() in pcmdevice_i2c_probe()
The value “-ENOMEM” was assigned to the loc…
|
CWE-476
NULL Pointer Dereference
|
CVE-2024-43822
|
2024-09-4 02:49 |
2024-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
