|
307741
|
5.9 |
MEDIUM
Network
|
-
|
-
|
IBM Concert Software 1.0.0 through 1.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could expl…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2024-43189
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307742
|
5.1 |
MEDIUM
Local
|
-
|
-
|
A vulnerability in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.
This vulner…
|
CWE-61
UNIX Symbolic Link (Symlink) Following
|
CVE-2023-20091
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307743
|
6.1 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Prime Collaboration Deployment could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user o…
|
CWE-79
Cross-site Scripting
|
CVE-2023-20060
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307744
|
9.9 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to execute arbitrary commands with administrative privileges on the underlying operating system of an affected…
|
CWE-78
OS Command
|
CVE-2023-20036
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307745
|
4.4 |
MEDIUM
Local
|
-
|
-
|
Three vulnerabilities in the CLI of Cisco TelePresence CE and RoomOS could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device.
These…
|
CWE-59
Link Following
|
CVE-2023-20004
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307746
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against …
|
CWE-79
Cross-site Scripting
|
CVE-2022-20948
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307747
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system.
This vul…
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2022-20939
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307748
|
6.1 |
MEDIUM
Network
|
-
|
-
|
IBM Concert Software 1.0.0 through 1.0.1 is vulnerable to cross-site scripting. This vulnerability allows an unauthenticated attacker to embed arbitrary JavaScript code in the Web UI thus altering th…
|
CWE-79
Cross-site Scripting
|
CVE-2024-41785
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307749
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in code-projects Online Shop Store 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument m2 with the inp…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2024-11243
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307750
|
- |
|
-
|
-
|
A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ad_list.php?action=pass of the component Keyword Filter…
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11242
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
