|
304651
|
9.8 |
CRITICAL
Network
|
dlink
|
di-8003_firmware
|
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been declared as critical. Affected by this vulnerability is the function upgrade_filter_asp of the file /upgrade_filter.asp. The manipu…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2024-11047
|
2024-11-14 05:56 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304652
|
9.8 |
CRITICAL
Network
|
dlink
|
di-8003_firmware
|
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been rated as critical. Affected by this issue is the function dbsrv_asp of the file /dbsrv.asp. The manipulation of the argument str le…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2024-11048
|
2024-11-14 05:53 |
2024-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304653
|
7.2 |
HIGH
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. SuiteCRM relies on the blacklist of functions/methods to prevent installation of malicious ML…
|
NVD-CWE-noinfo
|
CVE-2024-49774
|
2024-11-14 05:40 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304654
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_admanager_plus
|
Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option.
|
NVD-CWE-noinfo
|
CVE-2024-24409
|
2024-11-14 05:35 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304655
|
5.4 |
MEDIUM
Network
|
mycred
|
mycred
|
The myCred – Loyalty Points and Rewards plugin for WordPress and WooCommerce – Give Points, Ranks, Badges, Cashback, WooCommerce rewards, and WooCommerce credits for Gamification plugin for WordPress…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10187
|
2024-11-14 05:31 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304656
|
6.5 |
MEDIUM
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. Poor input validation in export allows authenticated user do a SQL injection attack. User-con…
|
CWE-89
SQL Injection
|
CVE-2024-49773
|
2024-11-14 05:29 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304657
|
8.1 |
HIGH
Network
|
zohocorp
|
manageengine_sharepoint_manager_plus
|
Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity (XXE) in the Management option.
|
CWE-611
XXE
|
CVE-2024-10839
|
2024-11-14 05:19 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304658
|
8.8 |
HIGH
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In SuiteCRM versions 7.14.4, poor input validation allows authenticated user do a SQL injecti…
|
CWE-89
SQL Injection
|
CVE-2024-49772
|
2024-11-14 05:19 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304659
|
8.8 |
HIGH
Network
|
salesagility
|
suitecrm
|
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. User input is not validated and is written to the filesystem. The ParserLabel::addLabels() fu…
|
NVD-CWE-noinfo
|
CVE-2024-50333
|
2024-11-14 05:10 |
2024-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
304660
|
5.4 |
MEDIUM
Network
|
brainstormforce
|
elementor_header_\&_footer_builder
|
The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.6.45 due to insufficient …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10325
|
2024-11-14 05:01 |
2024-11-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
