|
309071
|
- |
|
-
|
-
|
Portainer before 2.20.2 improperly uses an encryption algorithm in the AesEncrypt function.
|
-
|
CVE-2024-33662
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309072
|
- |
|
-
|
-
|
Versions of the package cocoon before 0.4.0 are vulnerable to Reusing a Nonce, Key Pair in Encryption when the encrypt, wrap, and dump functions are sequentially called. An attacker can generate the …
|
-
|
CVE-2024-21530
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309073
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting (Self-XSS) vulnerability in the "Alert Templates" feature allows users to inject arbitrary Java…
|
CWE-79
Cross-site Scripting
|
CVE-2024-47526
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309074
|
- |
|
-
|
-
|
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can create a Device Groups, the application did not properly sanitize the user input in the Device Gro…
|
-
|
CVE-2024-47524
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309075
|
- |
|
-
|
-
|
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_unzip function.
|
-
|
CVE-2024-46084
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309076
|
- |
|
-
|
-
|
Scriptcase v.9.10.023 and before is vulnerable to Cross Site Scripting (XSS) in nm_cor.php via the form and field parameters.
|
-
|
CVE-2024-46082
|
2024-10-4 22:50 |
2024-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309077
|
4.8 |
MEDIUM
Network
|
funnyzpc
|
mee-admin
|
A vulnerability, which was classified as problematic, was found in funnyzpc Mee-Admin up to 1.6. This affects an unknown part of the file /mee/index of the component User Center. The manipulation of …
|
CWE-79
Cross-site Scripting
|
CVE-2024-9279
|
2024-10-4 22:31 |
2024-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309078
|
4.8 |
MEDIUM
Network
|
mage-people
|
ecab_taxi_booking_manager
|
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagePeople Team Taxi Booking Manager for WooCommerce allows Stored XSS.This issue affects …
|
CWE-79
Cross-site Scripting
|
CVE-2024-43986
|
2024-10-4 22:22 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309079
|
5.3 |
MEDIUM
Network
|
funnelforms
|
funnelforms_free
|
The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor – Funnelforms Free plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check o…
|
CWE-862
Missing Authorization
|
CVE-2024-5857
|
2024-10-4 21:59 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309080
|
4.3 |
MEDIUM
Network
|
volkov
|
wp_accessibility_helper
|
The WP Accessibility Helper (WAH) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'save_contrast_variations' and 'save_empty_contrast_…
|
CWE-862
Missing Authorization
|
CVE-2024-5987
|
2024-10-4 21:56 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
