|
304531
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability has been found in ESAFENET CDG 5 and classified as critical. This vulnerability affects the function getOneFileDirectory of the file /com/esafenet/servlet/fileManagement/FileDirectory…
|
CWE-89
SQL Injection
|
CVE-2024-10502
|
2024-11-7 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304532
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function findById of the file /com/esafenet/servlet/document/ExamCDGDocService.java. The manipulation …
|
CWE-89
SQL Injection
|
CVE-2024-10501
|
2024-11-7 02:20 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304533
|
5.4 |
MEDIUM
Network
|
neumann
|
n-line
|
N-LINE 2.0.6 and prior versions contain a code injection vulnerability. If this vulnerability is exploited, arbitrary code may be executed on the instructor's browser, or the instructor may be direct…
|
CWE-94
Code Injection
|
CVE-2024-47158
|
2024-11-7 02:10 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304534
|
7.5 |
HIGH
Network
|
neumann
|
musasi
|
MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.
|
NVD-CWE-Other
|
CVE-2024-45785
|
2024-11-7 02:08 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304535
|
9.8 |
CRITICAL
Network
|
dfactory
|
responsive_lightbox
|
Missing Authorization vulnerability in dFactory Responsive Lightbox allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Responsive Lightbox: from n/a through 2.4.7.
|
CWE-862
Missing Authorization
|
CVE-2024-43924
|
2024-11-7 02:03 |
2024-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304536
|
6.5 |
MEDIUM
Network
|
sonatype
|
nexus
|
Use of Hard-coded Credentials vulnerability in Sonatype Nexus Repository has been discovered in the code responsible for encrypting any secrets stored in the Nexus Repository configuration database (…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2024-5764
|
2024-11-7 01:41 |
2024-10-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304537
|
7.2 |
HIGH
Network
|
wuzhicms
|
wuzhicms
|
A vulnerability was found in wuzhicms 4.1.0. It has been classified as critical. Affected is the function add/edit of the file www/coreframe/app/content/admin/block.php. The manipulation leads to cod…
|
CWE-94
Code Injection
|
CVE-2024-10505
|
2024-11-7 01:38 |
2024-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304538
|
- |
|
-
|
-
|
Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware) may allow an attacker with privileges to reuse IV values to reverse-engineer debug data, potentially …
|
-
|
CVE-2023-31305
|
2024-11-7 01:35 |
2024-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304539
|
9.8 |
CRITICAL
Network
|
esafenet
|
cdg
|
A vulnerability classified as critical has been found in ESAFENET CDG 5. This affects the function delPolicyAction of the file /com/esafenet/servlet/system/PolicyActionService.java. The manipulation …
|
CWE-89
SQL Injection
|
CVE-2024-10597
|
2024-11-7 01:28 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304540
|
5.3 |
MEDIUM
Network
|
choplugins
|
order_notification_for_telegram
|
The Order Notification for Telegram plugin for WordPress is vulnerable to unauthorized test message sending due to a missing capability check on the 'nktgnfw_send_test_message' function in versions u…
|
CWE-862
Missing Authorization
|
CVE-2024-9686
|
2024-11-7 01:19 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
