|
309681
|
- |
|
sgi
bsdi
sun
hp
ibm
freebsd
|
irix
bsd_os
sunos
hp-ux
aix
freebsd
solaris
|
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
|
NVD-CWE-Other
|
CVE-1999-0022
|
2024-10-29 23:35 |
1996-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309682
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's newsletters_video shortcode in all versions up to, and including, 4.9.9.4 due to insufficient input …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10181
|
2024-10-29 23:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309683
|
- |
|
-
|
-
|
A vulnerability was found in LUNAD3v AreaLoad up to 1a1103182ed63a06dde63d1712f3262eda19c3ec. It has been rated as critical. This issue affects some unknown processing of the file request.php. The ma…
|
CWE-89
SQL Injection
|
CVE-2017-20195
|
2024-10-29 23:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309684
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Move Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.5 via the render function in includes/widgets/accordion/wi…
|
-
|
CVE-2024-10360
|
2024-10-29 23:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309685
|
- |
|
-
|
-
|
The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sa_subscribe shortcode in all versions up to, and including, 3.7.5 d…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10233
|
2024-10-29 23:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309686
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The StreamWeasels YouTube Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-youtube-embed shortcode in all versions up to, and including, 1.3.2 due to …
|
CWE-79
Cross-site Scripting
|
CVE-2024-10185
|
2024-10-29 23:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309687
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-kick-embed shortcode in all versions up to, and including, 1.1.1 due to insuff…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10184
|
2024-10-29 23:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309688
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Kata Plus – Addons for Elementor – Widgets, Extensions and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9376
|
2024-10-29 23:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309689
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to unauthorized Smar Message activation/deactivation due to a missing capability check on the ajax_enable function in all ver…
|
CWE-862
Missing Authorization
|
CVE-2024-10437
|
2024-10-29 23:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309690
|
8.8 |
HIGH
Network
|
-
|
-
|
The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 4.2.1 via the get_condition_value function. This makes it possi…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2024-10436
|
2024-10-29 23:34 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
