|
308191
|
- |
|
-
|
-
|
Yealink Meeting Server before V26.0.0.67 is vulnerable to sensitive data exposure in the server response via sending HTTP request with enterprise ID.
|
-
|
CVE-2024-48352
|
2024-11-6 03:35 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308192
|
- |
|
-
|
-
|
Altai Technologies Ltd Altai IX500 Indoor 22 802.11ac Wave 2 AP After login, there are file reads in the background, and attackers can obtain sensitive information such as user credentials, system co…
|
-
|
CVE-2024-51399
|
2024-11-6 03:35 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308193
|
- |
|
-
|
-
|
Altai Technologies Ltd Altai X500 Indoor 22 802.11ac Wave 2 AP web Management Weak password leakage in the background may lead to unauthorized access, data theft, and network attacks, seriously threa…
|
-
|
CVE-2024-51398
|
2024-11-6 03:35 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308194
|
9.8 |
CRITICAL
Network
|
codezips
|
free_exam_hall_seating_management_system
|
A vulnerability classified as critical has been found in Codezips Free Exam Hall Seating Management System 1.0. Affected is an unknown function of the file /teacher.php. The manipulation of the argum…
|
CWE-89
SQL Injection
|
CVE-2024-10737
|
2024-11-6 03:03 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308195
|
9.8 |
CRITICAL
Network
|
codezips
|
free_exam_hall_seating_management_system
|
A vulnerability was found in Codezips Free Exam Hall Seating Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulatio…
|
CWE-89
SQL Injection
|
CVE-2024-10736
|
2024-11-6 03:03 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308196
|
9.8 |
CRITICAL
Network
|
codezips
|
pet_shop_management_system
|
A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /productsadd.php. The manipulation of the argument i…
|
CWE-89
SQL Injection
|
CVE-2024-10752
|
2024-11-6 02:59 |
2024-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308197
|
5.4 |
MEDIUM
Network
|
tezzeract
|
league_of_legends_shortcodes
|
The League of Legends Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.0.1 due to insufficient input sanitization and ou…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10342
|
2024-11-6 02:52 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308198
|
6.5 |
MEDIUM
Network
|
tezzeract
|
league_of_legends_shortcodes
|
The League of Legends Shortcodes plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.0.1 due to insufficient escaping on the user suppli…
|
CWE-89
SQL Injection
|
CVE-2024-10341
|
2024-11-6 02:51 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308199
|
5.4 |
MEDIUM
Network
|
bamazoo
|
button_generator
|
The Bamazoo – Button Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's dgs shortcode in all versions up to, and including, 1.0 due to insufficient input san…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10150
|
2024-11-6 02:47 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
308200
|
6.1 |
MEDIUM
Network
|
10web
|
10web_social_post_feed
|
The 10Web Social Post Feed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and incl…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9607
|
2024-11-6 02:40 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
