|
313981
|
7.5 |
HIGH
Network
|
huawei
|
harmonyos
emui
|
Access permission verification vulnerability in the Notepad module
Impact: Successful exploitation of this vulnerability may affect service confidentiality.
|
NVD-CWE-noinfo
|
CVE-2024-42036
|
2024-09-14 06:09 |
2024-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313982
|
9.8 |
CRITICAL
Network
|
wpwebelite
|
docket
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPWeb Elite Docket (WooCommerce Collections / Wishlist / Watchlist) allows SQL Injection.This iss…
|
CWE-89
SQL Injection
|
CVE-2024-43132
|
2024-09-14 06:07 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313983
|
4.8 |
MEDIUM
Network
|
qnap
|
helpdesk
|
A cross-site scripting (XSS) vulnerability has been reported to affect Helpdesk. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network.
We h…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27125
|
2024-09-14 06:06 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313984
|
7.2 |
HIGH
Network
|
salonbookingsystem
|
salon_booking_system
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Salon Booking System Salon booking system allows SQL Injection.This issue affects Salon booking s…
|
CWE-89
SQL Injection
|
CVE-2024-39658
|
2024-09-14 06:04 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313985
|
9.8 |
CRITICAL
Network
|
e4jconnect
|
vikrentcar
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in E4J s.R.L. VikRentCar allows SQL Injection.This issue affects VikRentCar: from n/a through 1.4.0.
|
CWE-89
SQL Injection
|
CVE-2024-39653
|
2024-09-14 06:03 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313986
|
8.8 |
HIGH
Network
|
roundupwp
|
registrations_for_the_events_calendar
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Roundup WP Registrations for the Events Calendar allows SQL Injection.This issue affects Registra…
|
CWE-89
SQL Injection
|
CVE-2024-39638
|
2024-09-14 06:00 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313987
|
8.8 |
HIGH
Network
|
pricelisto
|
great_restaurant_menu_wp
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection.This issue affects Best Restau…
|
CWE-89
SQL Injection
|
CVE-2024-38793
|
2024-09-14 05:57 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313988
|
6.1 |
MEDIUM
Network
|
wpengine
|
advanced_custom_fields
|
Cross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier and Advanced Custom Fields Pro versions 6.3.5 and earlier. If an attacker with the 'capability' setting …
|
CWE-79
Cross-site Scripting
|
CVE-2024-45429
|
2024-09-14 05:48 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313989
|
8.8 |
HIGH
Network
|
dell
|
smartfabric_os10
|
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A…
|
CWE-77
Command Injection
|
CVE-2024-38486
|
2024-09-14 05:36 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313990
|
7.2 |
HIGH
Network
|
wedevs
|
wp_user_frontend
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a throug…
|
CWE-89
SQL Injection
|
CVE-2024-38693
|
2024-09-14 05:35 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
