|
256321
|
8.6 |
HIGH
Local
|
scilico
|
i-librarian
|
Cross Site Scripting vulnerability in Martin Kucej i-librarian v.5.11.0 and before allows a local attacker to execute arbitrary code via the search function in the import component.
|
CWE-79
Cross-site Scripting
|
CVE-2024-40500
|
2024-08-22 01:05 |
2024-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256322
|
5.3 |
MEDIUM
Network
|
matrix
|
javascript_sdk
|
matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. A malicious homeserver can craft a room or room structure such that the predecessors form a cycle. The matrix-js-sdk's g…
|
CWE-674
Uncontrolled Recursion
|
CVE-2024-42369
|
2024-08-22 01:01 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256323
|
8.8 |
HIGH
Network
|
projectcapsule
|
capsule
|
Capsule is a multi-tenancy and policy-based framework for Kubernetes. In Capsule v0.7.0 and earlier, the tenant-owner can patch any arbitrary namespace that has not been taken over by a tenant (i.e.,…
|
CWE-863
Incorrect Authorization
|
CVE-2024-39690
|
2024-08-22 01:01 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256324
|
5.4 |
MEDIUM
Network
|
3ds
|
3dexperience
|
A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execu…
|
CWE-79
Cross-site Scripting
|
CVE-2024-6378
|
2024-08-22 00:53 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256325
|
9.8 |
CRITICAL
Network
|
gotribe
|
gotribe-admin
|
A vulnerability was found in Go-Tribe gotribe-admin 1.0 and classified as problematic. Affected by this issue is the function InitRoutes of the file internal/app/routes/routes.go of the component Log…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-8003
|
2024-08-22 00:51 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256326
|
9.8 |
CRITICAL
Network
|
demozx
|
gf_cms
|
A vulnerability was found in demozx gf_cms 1.0/1.0.1. It has been classified as critical. This affects the function init of the file internal/logic/auth/auth.go of the component JWT Authentication. T…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-8005
|
2024-08-22 00:49 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256327
|
9.8 |
CRITICAL
Network
|
newlib_project
|
newlib
|
An issue in newlib v.4.3.0 allows an attacker to execute arbitrary code via the time unit scaling in the _gettimeofday function.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2024-30949
|
2024-08-22 00:48 |
2024-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256328
|
- |
|
-
|
-
|
The Chatbot with ChatGPT WordPress plugin before 2.4.5 does not sanitise and escape user inputs, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks against admins
|
-
|
CVE-2024-6843
|
2024-08-22 00:35 |
2024-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256329
|
5.4 |
MEDIUM
Network
|
adonesevangelista
|
laravel_property_management_system
|
A vulnerability was found in itsourcecode Laravel Property Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/no…
|
CWE-79
Cross-site Scripting
|
CVE-2024-7945
|
2024-08-22 00:25 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256330
|
8.8 |
HIGH
Network
|
adonesevangelista
|
laravel_property_management_system
|
A vulnerability was found in itsourcecode Laravel Property Management System 1.0. It has been classified as critical. Affected is the function UpdateDocumentsRequest of the file DocumentsController.p…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-7944
|
2024-08-22 00:24 |
2024-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
