|
250851
|
7.2 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with high privileges to exe…
|
CWE-78
OS Command
|
CVE-2024-20459
|
2024-10-23 03:06 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250852
|
8.2 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or …
|
CWE-78
OS Command
|
CVE-2024-20458
|
2024-10-23 03:03 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250853
|
7.5 |
HIGH
Network
|
didiglobal
|
ddmq
|
A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Console Module. The manipulation with the input…
|
CWE-863
Incorrect Authorization
|
CVE-2024-10173
|
2024-10-23 02:05 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250854
|
8.8 |
HIGH
Network
|
bhaskardhote
|
back_link_tracker
|
Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Back Link Tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through 1.0.0.
|
CWE-352
Origin Validation Error
|
CVE-2024-49617
|
2024-10-23 01:51 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250855
|
8.8 |
HIGH
Network
|
jordanlyall
|
mytweetlinks
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a th…
|
CWE-89
SQL Injection
|
CVE-2024-49618
|
2024-10-23 01:50 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250856
|
8.8 |
HIGH
Network
|
henriquerodrigues
|
safetyforms
|
Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through 1.0.0.
|
CWE-352
Origin Validation Error
|
CVE-2024-49615
|
2024-10-23 01:43 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250857
|
5.4 |
MEDIUM
Network
|
k2-service
|
product_customizer_light
|
The Product Customizer Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9848
|
2024-10-23 01:42 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250858
|
8.8 |
HIGH
Network
|
nyasro
|
rate_own_post
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nyasro Rate Own Post allows Blind SQL Injection.This issue affects Rate Own Post: from n/a throug…
|
CWE-89
SQL Injection
|
CVE-2024-49616
|
2024-10-23 01:41 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250859
|
7.4 |
HIGH
Network
|
bitdefender
|
total_security
|
A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software fails to properly validate website certificates. Specifically, if a site certificate …
|
CWE-295
Improper Certificate Validation
|
CVE-2023-6055
|
2024-10-23 01:39 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250860
|
6.8 |
MEDIUM
Network
|
bitdefender
|
total_security
|
A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM S…
|
CWE-295
Improper Certificate Validation
|
CVE-2023-49567
|
2024-10-23 01:39 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
