|
313801
|
8.8 |
HIGH
Network
|
dell
|
smartfabric_os10
|
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A…
|
CWE-77
Command Injection
|
CVE-2024-38486
|
2024-09-14 05:36 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313802
|
7.2 |
HIGH
Network
|
wedevs
|
wp_user_frontend
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a throug…
|
CWE-89
SQL Injection
|
CVE-2024-38693
|
2024-09-14 05:35 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313803
|
5.4 |
MEDIUM
Network
|
qnap
|
notes_station_3
|
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We hav…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27126
|
2024-09-14 05:31 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313804
|
7.5 |
HIGH
Network
|
accordors
|
accord_ors
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data.This issue affects Accord ORS: before 7.3.2.1.
|
NVD-CWE-noinfo
|
CVE-2024-1744
|
2024-09-14 05:30 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313805
|
6.1 |
MEDIUM
Network
|
br-automation
|
industrial_automation_aprol
|
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's brows…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5624
|
2024-09-14 05:23 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313806
|
7.8 |
HIGH
Local
|
br-automation
|
industrial_automation_aprol
|
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated …
|
CWE-426
Untrusted Search Path
|
CVE-2024-5622
|
2024-09-14 05:21 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313807
|
7.8 |
HIGH
Local
|
br-automation
|
industrial_automation_aprol
|
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges.
|
CWE-426
Untrusted Search Path
|
CVE-2024-5623
|
2024-09-14 05:19 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313808
|
8.8 |
HIGH
Network
|
portabilis
|
i-educar
|
i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A SQL Injection vulnerability was found prior to the 2.9 b…
|
CWE-89
SQL Injection
|
CVE-2024-45059
|
2024-09-14 05:09 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313809
|
8.1 |
HIGH
Network
|
portabilis
|
i-educar
|
i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. Prior to the 2.9 branch, an attacker with only minimal vie…
|
CWE-862
Missing Authorization
|
CVE-2024-45058
|
2024-09-14 05:06 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313810
|
6.1 |
MEDIUM
Network
|
portabilis
|
i-educar
|
i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A Reflected Cross-Site Scripting (XSS) vulnerability was i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45057
|
2024-09-14 05:03 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
