|
256681
|
5.4 |
MEDIUM
Network
|
jpatokal
|
openflights
|
openflights commit 5234b5b is vulnerable to Cross-Site Scripting (XSS) via php/submit.php
|
CWE-79
Cross-site Scripting
|
CVE-2024-41346
|
2024-09-5 01:05 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256682
|
9.8 |
CRITICAL
Network
|
smackcoders
|
sendgrid
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smackcoders SendGrid for WordPress allows SQL Injection.This issue affects SendGrid for WordPress…
|
CWE-89
SQL Injection
|
CVE-2024-43965
|
2024-09-5 01:02 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256683
|
9.8 |
CRITICAL
Network
|
progress
|
whatsup_gold
|
In WhatsUp Gold versions released before 2024.0.0, if the application is configured with only a single user, a SQL Injection vulnerability allows an unauthenticated attacker to retrieve the users enc…
|
CWE-89
SQL Injection
|
CVE-2024-6671
|
2024-09-5 00:53 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256684
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox
|
Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…
|
CWE-787
Out-of-bounds Write
|
CVE-2024-8389
|
2024-09-5 00:50 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256685
|
9.8 |
CRITICAL
Network
|
seacms
|
seacms
|
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del.
|
CWE-89
SQL Injection
|
CVE-2024-44921
|
2024-09-5 00:00 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256686
|
6.1 |
MEDIUM
Network
|
seacms
|
seacms
|
A cross-site scripting (XSS) vulnerability in the component admin_collect_news.php of SeaCMS v12.9 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the si…
|
CWE-79
Cross-site Scripting
|
CVE-2024-44920
|
2024-09-4 23:59 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256687
|
9.8 |
CRITICAL
Network
|
rems
|
contact_manager_with_export_to_vcf
|
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical. This issue affects some unknown processing of the file /endpoint/delete-account.php …
|
CWE-89
SQL Injection
|
CVE-2024-8380
|
2024-09-4 23:58 |
2024-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256688
|
5.4 |
MEDIUM
Network
|
3ds
|
3dexperience_enovia
|
A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute …
|
CWE-79
Cross-site Scripting
|
CVE-2024-8004
|
2024-09-4 23:56 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256689
|
5.4 |
MEDIUM
Network
|
3ds
|
3dexperience
|
A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7938
|
2024-09-4 23:53 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256690
|
6.1 |
MEDIUM
Network
|
checkmk
|
checkmk
|
Improper neutralization of input in Checkmk before version 2.3.0p14 allows attackers to inject and run malicious scripts in the Robotmk logs view.
|
CWE-79
Cross-site Scripting
|
CVE-2024-38858
|
2024-09-4 23:39 |
2024-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
