|
308701
|
9.8 |
CRITICAL
Network
|
spx
|
spx_graphics_controller
|
An issue in TuomoKu SPx-GC v.1.3.0 and before allows a remote attacker to execute arbitrary code via the child_process.js function.
|
CWE-94
Code Injection
|
CVE-2024-44623
|
2024-09-25 23:53 |
2024-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308702
|
9.8 |
CRITICAL
Network
|
ergophone
yealink
|
tiptel_ip_286_firmware
sip-t28p_firmware
|
Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function.
|
CWE-22
Path Traversal
|
CVE-2024-33109
|
2024-09-25 23:47 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308703
|
9.8 |
CRITICAL
Network
|
closed-loop
|
cless_server
|
An arbitrary file upload vulnerability in the Media Manager function of Closed-Loop Technology CLESS Server v4.5.2 allows attackers to execute arbitrary code via uploading a crafted PHP file to the u…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2024-40125
|
2024-09-25 23:46 |
2024-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308704
|
6.1 |
MEDIUM
Network
|
surecart
|
surecart
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SureCart allows Reflected XSS.This issue affects SureCart: from n/a through 2.29.3.
|
CWE-79
Cross-site Scripting
|
CVE-2024-43970
|
2024-09-25 23:18 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308705
|
4.8 |
MEDIUM
Network
|
pagelayer
|
pagelayer
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pagelayer Team PageLayer allows Stored XSS.This issue affects PageLayer: from n/a through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-43972
|
2024-09-25 23:16 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308706
|
5.4 |
MEDIUM
Network
|
podlove
|
podlove_podcast_publisher
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Podlove Podlove Podcast Publisher allows Stored XSS.This issue affects Podlove Podcast Pub…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43983
|
2024-09-25 23:11 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308707
|
5.4 |
MEDIUM
Network
|
wayneconnor
|
sliding_door
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wayneconnor Sliding Door allows Stored XSS.This issue affects Sliding Door: from n/a throu…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43987
|
2024-09-25 23:08 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308708
|
5.4 |
MEDIUM
Network
|
digitalnature
|
mystique
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in digitalnature Mystique allows Stored XSS.This issue affects Mystique: from n/a through 2.5…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43988
|
2024-09-25 22:55 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308709
|
5.4 |
MEDIUM
Network
|
webdzier
|
hotel_galaxy
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in webdzier Hotel Galaxy allows Stored XSS.This issue affects Hotel Galaxy: from n/a through …
|
CWE-79
Cross-site Scripting
|
CVE-2024-43991
|
2024-09-25 22:53 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308710
|
5.4 |
MEDIUM
Network
|
latepoint
|
latepoint
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Latepoint LatePoint allows Stored XSS.This issue affects LatePoint: from n/a through 4.9.9…
|
CWE-79
Cross-site Scripting
|
CVE-2024-43992
|
2024-09-25 22:47 |
2024-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
