|
248901
|
4.8 |
MEDIUM
Network
|
podsfoundation
|
pods
|
The Pods WordPress plugin before 3.2.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even w…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9883
|
2024-11-7 02:32 |
2024-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248902
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function getOneFileDirectory of the file /com/esafenet/servlet/fileManagement/FileDirectory…
|
CWE-89
SQL Injection
|
CVE-2024-10502
|
2024-11-7 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248903
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function findById of the file /com/esafenet/servlet/document/ExamCDGDocService.java. The manipulation …
|
CWE-89
SQL Injection
|
CVE-2024-10501
|
2024-11-7 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248904
|
5.4 |
MEDIUM
Network
|
neumann
|
n-line
|
N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be direct…
|
CWE-94
Code Injection
|
CVE-2024-47158
|
2024-11-7 02:10 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248905
|
7.5 |
HIGH
Network
|
neumann
|
musasi
|
MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.
|
NVD-CWE-Other
|
CVE-2024-45785
|
2024-11-7 02:08 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248906
|
9.8 |
CRITICAL
Network
|
lindeni
|
multi_purpose_mail_form
|
Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail Form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a throu…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50526
|
2024-11-7 02:07 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248907
|
7.5 |
HIGH
Network
|
stacksmarket
|
stacks_mobile_app_builder
|
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stacks Stacks Mobile App Builder allows Retrieve Embedded Sensitive Data.This issue affects Stacks Mobile A…
|
NVD-CWE-Other
|
CVE-2024-50528
|
2024-11-7 02:06 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248908
|
9.8 |
CRITICAL
Network
|
stacksmarket
|
stacks_mobile_app_builder
|
Unrestricted Upload of File with Dangerous Type vulnerability in Stacks Stacks Mobile App Builder allows Upload a Web Shell to a Web Server.This issue affects Stacks Mobile App Builder: from n/a thro…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50527
|
2024-11-7 02:06 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248909
|
8.8 |
HIGH
Network
|
rudrainnovative
|
training_-_courses
|
Unrestricted Upload of File with Dangerous Type vulnerability in Rudra Innnovative Software Training – Courses allows Upload a Web Shell to a Web Server.This issue affects Training – Courses: from n/…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-50529
|
2024-11-7 02:04 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248910
|
9.8 |
CRITICAL
Network
|
dfactory
|
responsive_lightbox
|
Missing Authorization vulnerability in dFactory Responsive Lightbox allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Lightbox: from n/a through 2.4.7.
|
CWE-862
Missing Authorization
|
CVE-2024-43924
|
2024-11-7 02:03 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
