|
250991
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. Affected by this vulnerability is the function updateNetSecPolicyPriority of the file /com/esafenet/servlet/ajax/NetSecPol…
|
CWE-89
SQL Injection
|
CVE-2024-10133
|
2024-10-23 03:10 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250992
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. This affects the function actionDelNetSecConfig of the file /com/esafenet/servlet/netSec/NetSecConfigService.java. The…
|
CWE-89
SQL Injection
|
CVE-2024-10135
|
2024-10-23 03:09 |
2024-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250993
|
7.2 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series Analog Telephone Adapter firmware could allow an authenticated, remote attacker with high privileges to exe…
|
CWE-78
OS Command
|
CVE-2024-20459
|
2024-10-23 03:06 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250994
|
8.2 |
HIGH
Network
|
cisco
|
ata_191_firmware
ata_192_firmware
|
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to view or delete the configuration or …
|
CWE-78
OS Command
|
CVE-2024-20458
|
2024-10-23 03:03 |
2024-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250995
|
7.5 |
HIGH
Network
|
didiglobal
|
ddmq
|
A vulnerability has been found in didi DDMQ 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Console Module. The manipulation with the input…
|
CWE-863
Incorrect Authorization
|
CVE-2024-10173
|
2024-10-23 02:05 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250996
|
8.8 |
HIGH
Network
|
bhaskardhote
|
back_link_tracker
|
Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Back Link Tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through 1.0.0.
|
CWE-352
Origin Validation Error
|
CVE-2024-49617
|
2024-10-23 01:51 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250997
|
8.8 |
HIGH
Network
|
jordanlyall
|
mytweetlinks
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a th…
|
CWE-89
SQL Injection
|
CVE-2024-49618
|
2024-10-23 01:50 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250998
|
8.8 |
HIGH
Network
|
henriquerodrigues
|
safetyforms
|
Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through 1.0.0.
|
CWE-352
Origin Validation Error
|
CVE-2024-49615
|
2024-10-23 01:43 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250999
|
5.4 |
MEDIUM
Network
|
k2-service
|
product_customizer_light
|
The Product Customizer Light plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0.0 due to insufficient input sanitization …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9848
|
2024-10-23 01:42 |
2024-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251000
|
8.8 |
HIGH
Network
|
nyasro
|
rate_own_post
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nyasro Rate Own Post allows Blind SQL Injection.This issue affects Rate Own Post: from n/a throug…
|
CWE-89
SQL Injection
|
CVE-2024-49616
|
2024-10-23 01:41 |
2024-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
