|
256851
|
5.4 |
MEDIUM
Network
|
robfelty
|
collapsing_archives
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Robert Felty Collapsing Archives allows Stored XSS.This issue affects Collapsing Archives:…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43934
|
2024-09-4 00:17 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256852
|
6.1 |
MEDIUM
Network
|
wpbeaverbuilder
|
beaver_builder
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Reflected XSS.This issue affects Beaver Buil…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43926
|
2024-09-4 00:15 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256853
|
6.1 |
MEDIUM
Network
|
webpack.js
|
webpack
|
Webpack is a module bundler. Its main purpose is to bundle JavaScript files for usage in a browser, yet it is also capable of transforming, bundling, or packaging just about any resource or asset. Th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43788
|
2024-09-4 00:15 |
2024-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256854
|
5.9 |
MEDIUM
Network
|
matter-labs
|
zksolc
|
zksolc is a Solidity compiler for ZKsync. All LLVM versions since 2015 fold `(xor (shl 1, x), -1)` to `(rotl ~1, x)` if run with optimizations enabled. Here `~1` is generated as an unsigned 64 bits n…
|
CWE-682
Incorrect Calculation
|
CVE-2024-45056
|
2024-09-4 00:14 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256855
|
6.1 |
MEDIUM
Network
|
collabora
|
online
|
Collabora Online is a collaborative online office suite based on LibreOffice technology. In the mobile (Android/iOS) device variants of Collabora Online it was possible to inject JavaScript via url e…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45045
|
2024-09-4 00:13 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256856
|
- |
|
-
|
-
|
BPL Personal Weighing Scale PWS-01BT IND/09/18/599 devices send sensitive information in unencrypted BLE packets. (The packet data also lacks authentication and integrity protection.)
|
-
|
CVE-2024-34463
|
2024-09-4 00:12 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256857
|
8.8 |
HIGH
Network
|
muffingroup
|
betheme
|
The Betheme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 27.5.6 via deserialization of untrusted input of the 'mfn-page-items' post meta value. This…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-2694
|
2024-09-4 00:10 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256858
|
5.4 |
MEDIUM
Network
|
muffingroup
|
betheme
|
The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scripting via several of the plugin's shortcodes in all versions up to, and including, 27.5.6 due to insufficient input sanitization…
|
CWE-79
Cross-site Scripting
|
CVE-2024-3998
|
2024-09-4 00:00 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256859
|
6.1 |
MEDIUM
Network
|
elecom
|
wrc-x3000gs2-b_firmware
wrc-x3000gs2-w_firmware
wrc-x3000gs2a-b_firmware
|
Cross-site scripting vulnerability exists in WRC-X3000GS2-B, WRC-X3000GS2-W, and WRC-X3000GS2A-B due to improper processing of input values in easysetup.cgi. If a user views a malicious web page whil…
|
CWE-79
Cross-site Scripting
|
CVE-2024-34577
|
2024-09-3 23:59 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256860
|
5.4 |
MEDIUM
Network
|
hubspot
|
hubspot
|
The HubSpot – CRM, Email Marketing, Live Chat, Forms & Analytics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'url' attribute of the HubSpot Meeting Widget in all version…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5879
|
2024-09-3 23:59 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
