|
251811
|
5.4 |
MEDIUM
Network
|
ultimatemember
|
ultimate_member
|
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's '…
|
CWE-79
Cross-site Scripting
|
CVE-2024-8519
|
2024-10-16 23:06 |
2024-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251812
|
4.8 |
MEDIUM
Network
|
enalean
|
tuleap
|
Tuleap is a tool for end to end traceability of application and system developments. Prior to Tuleap Community Edition 15.13.99.37, Tuleap Enterprise Edition 15.13-3, and Tuleap Enterprise Edition 15…
|
CWE-79
Cross-site Scripting
|
CVE-2024-46980
|
2024-10-16 23:05 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251813
|
7.5 |
HIGH
Network
|
acronis
|
cyber_protect
|
Cleartext transmission of sensitive information in acep-collector service. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2024-49387
|
2024-10-16 22:58 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251814
|
9.1 |
CRITICAL
Network
|
acronis
|
cyber_protect
|
Sensitive information manipulation due to improper authorization. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-49388
|
2024-10-16 22:57 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251815
|
4.3 |
MEDIUM
Adjacent
|
acronis
|
cyber_protect
|
Excessive attack surface in acep-importer service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
NVD-CWE-Other
|
CVE-2024-49383
|
2024-10-16 22:53 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251816
|
4.3 |
MEDIUM
Adjacent
|
acronis
|
cyber_protect
|
Excessive attack surface in archive-server service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
NVD-CWE-Other
|
CVE-2024-49382
|
2024-10-16 22:53 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251817
|
4.3 |
MEDIUM
Adjacent
|
acronis
|
cyber_protect
|
Excessive attack surface in acep-collector service due to binding to an unrestricted IP address. The following products are affected: Acronis Cyber Protect 16 (Linux, Windows) before build 38690.
|
NVD-CWE-Other
|
CVE-2024-49384
|
2024-10-16 22:52 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251818
|
7.8 |
HIGH
Local
|
electronics.jtekt
|
kostac_plc_programming_software
|
Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project f…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-47134
|
2024-10-16 22:50 |
2024-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251819
|
8.8 |
HIGH
Network
|
rems
|
drag_and_drop_image_upload
|
A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.php. The manipulati…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-9975
|
2024-10-16 22:44 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251820
|
9.8 |
CRITICAL
Network
|
code-projects
|
pharmacy_management_system
|
A vulnerability classified as critical has been found in code-projects Pharmacy Management System 1.0. This affects an unknown part of the file /php/manage_customer.php?action=search. The manipulatio…
|
CWE-89
SQL Injection
|
CVE-2024-9976
|
2024-10-16 22:42 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
