|
314401
|
4.3 |
MEDIUM
Network
|
simplemachines
|
simple_machines_forum
|
A vulnerability has been found in SimpleMachines SMF 2.1.4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php?action=profile;u=2;area=sho…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-7438
|
2024-09-11 23:39 |
2024-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314402
|
4.3 |
MEDIUM
Network
|
simplemachines
|
simple_machines_forum
|
A vulnerability, which was classified as critical, was found in SimpleMachines SMF 2.1.4. Affected is an unknown function of the file /index.php?action=profile;u=2;area=showalerts;do=remove of the co…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2024-7437
|
2024-09-11 23:39 |
2024-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314403
|
9.1 |
CRITICAL
Network
|
ibm
|
planning_analytics_workspace
planning_analytics_local
|
IBM Planning Analytics Local 2.0 and 2.1 connects to a MongoDB server. MongoDB, a document-oriented database system, is listening on the remote port, and it is configured to allow connections without…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2024-35143
|
2024-09-11 23:34 |
2024-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314404
|
6.1 |
MEDIUM
Network
|
ai3
|
qbibot
|
Ai3 QbiBot does not properly filter user input, allowing unauthenticated remote attackers to insert JavaScript code into the chat box. Once the recipient views the message, they will be subject to a …
|
CWE-79
Cross-site Scripting
|
CVE-2024-7204
|
2024-09-11 23:23 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314405
|
6.5 |
MEDIUM
Network
|
digiwin
|
easyflow_.net
|
Digiwin EasyFlow .NET lacks proper access control for specific functionality, and the functionality do not adequately filter user input. A remote attacker with regular privilege can exploit this vuln…
|
CWE-22
Path Traversal
|
CVE-2024-7323
|
2024-09-11 23:22 |
2024-08-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314406
|
9.8 |
CRITICAL
Network
|
forip
|
administracao_pabx
|
A vulnerability was found in ForIP Tecnologia Administração PABX 1.x. It has been rated as critical. Affected by this issue is some unknown functionality of the file /authMonitCallcenter of the compo…
|
CWE-89
SQL Injection
|
CVE-2024-7461
|
2024-09-11 23:16 |
2024-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314407
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2024-7805
|
2024-09-11 23:15 |
2024-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314408
|
6.1 |
MEDIUM
Network
|
lang-learn-guy
|
learning_with_texts
|
Learning with Texts (LWT) 2.0.3 is vulnerable to Cross Site Scripting (XSS). The application has a specific function that does not filter special characters in URL parameters. Remote attackers can in…
|
CWE-79
Cross-site Scripting
|
CVE-2024-41572
|
2024-09-11 23:15 |
2024-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314409
|
5.9 |
MEDIUM
Network
|
ibm
|
java_sdk
|
The Object Request Broker (ORB) in IBM SDK, Java Technology Edition 7.1.0.0 through 7.1.5.18 and 8.0.0.0 through 8.0.8.26 is vulnerable to remote denial of service, caused by a race condition in the …
|
NVD-CWE-noinfo
|
CVE-2024-27267
|
2024-09-11 22:48 |
2024-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314410
|
6.5 |
MEDIUM
Network
|
qnap
|
qts
quts_hero
|
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expos…
|
CWE-22
Path Traversal
|
CVE-2024-21904
|
2024-09-11 22:40 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
