|
316041
|
5.4 |
MEDIUM
Network
|
etoilewebdesign
|
front_end_users
|
The Front End Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'user-search' shortcode in all versions up to, and including, 3.2.28 due to insufficient input s…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7606
|
2024-08-31 00:43 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316042
|
9.8 |
CRITICAL
Network
|
sportsnet
|
sportsnet
|
SQL injection vulnerabilities in SportsNET affecting version 4.0.1. These vulnerabilities could allow an attacker to retrieve, update and delete all information in the database by sending a specially…
|
CWE-89
SQL Injection
|
CVE-2024-29727
|
2024-08-31 00:43 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316043
|
8.8 |
HIGH
Network
|
etoilewebdesign
|
front_end_users
|
The Front End Users plugin for WordPress is vulnerable to time-based SQL Injection via the ‘order’ parameter in all versions up to, and including, 3.2.28 due to insufficient escaping on the user supp…
|
CWE-89
SQL Injection
|
CVE-2024-7607
|
2024-08-31 00:41 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316044
|
9.8 |
CRITICAL
Network
|
feehi
|
feehicms
|
A vulnerability, which was classified as critical, was found in FeehiCMS up to 2.1.1. This affects the function update of the file /admin/index.php?r=friendly-link%2Fupdate. The manipulation of the a…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8294
|
2024-08-31 00:38 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316045
|
9.8 |
CRITICAL
Network
|
feehi
|
feehicms
|
A vulnerability has been found in FeehiCMS up to 2.1.1 and classified as critical. This vulnerability affects the function createBanner of the file /admin/index.php?r=banner%2Fbanner-create. The mani…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8295
|
2024-08-31 00:37 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316046
|
9.8 |
CRITICAL
Network
|
feehi
|
feehicms
|
A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. This issue affects the function insert of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument Use…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-8296
|
2024-08-31 00:36 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316047
|
7.8 |
HIGH
Local
|
aertherwide
|
exiftags
|
Buffer Overflow vulnerability in open source exiftags v.1.01 allows a local attacker to execute arbitrary code via the paresetag function.
|
CWE-787
Out-of-bounds Write
|
CVE-2024-42851
|
2024-08-31 00:30 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316048
|
7.5 |
HIGH
Network
|
kitsada8621
|
digital_library_management_system
|
A vulnerability was found in kitsada8621 Digital Library Management System 1.0. It has been classified as problematic. Affected is the function JwtRefreshAuth of the file middleware/jwt_refresh_token…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2024-8297
|
2024-08-31 00:28 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316049
|
9.8 |
CRITICAL
Network
|
gitapp
|
dingfanzu
|
A vulnerability was found in dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /aj…
|
CWE-89
SQL Injection
|
CVE-2024-8301
|
2024-08-31 00:24 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
316050
|
4.8 |
MEDIUM
Adjacent
|
teldat
|
rs123_firmware
rs123w_firmware
|
Cross Site Scripting vulnerability in Teldats Router RS123, RS123w allows attacker to execute arbitrary code via the cmdcookie parameter to the upgrade/query.php page.
|
CWE-79
Cross-site Scripting
|
CVE-2022-39996
|
2024-08-31 00:17 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
