|
314271
|
8.8 |
HIGH
Network
|
pricelisto
|
great_restaurant_menu_wp
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PriceListo Best Restaurant Menu by PriceListo allows SQL Injection.This issue affects Best Restau…
|
CWE-89
SQL Injection
|
CVE-2024-38793
|
2024-09-14 05:57 |
2024-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314272
|
6.1 |
MEDIUM
Network
|
wpengine
|
advanced_custom_fields
|
Cross-site scripting vulnerability exists in Advanced Custom Fields versions 6.3.5 and earlier and Advanced Custom Fields Pro versions 6.3.5 and earlier. If an attacker with the 'capability' setting …
|
CWE-79
Cross-site Scripting
|
CVE-2024-45429
|
2024-09-14 05:48 |
2024-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314273
|
8.8 |
HIGH
Network
|
dell
|
smartfabric_os10
|
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s) an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A…
|
CWE-77
Command Injection
|
CVE-2024-38486
|
2024-09-14 05:36 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314274
|
7.2 |
HIGH
Network
|
wedevs
|
wp_user_frontend
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP User Frontend allows SQL Injection.This issue affects WP User Frontend: from n/a throug…
|
CWE-89
SQL Injection
|
CVE-2024-38693
|
2024-09-14 05:35 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314275
|
5.4 |
MEDIUM
Network
|
qnap
|
notes_station_3
|
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We hav…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27126
|
2024-09-14 05:31 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314276
|
7.5 |
HIGH
Network
|
accordors
|
accord_ors
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data.This issue affects Accord ORS: before 7.3.2.1.
|
NVD-CWE-noinfo
|
CVE-2024-1744
|
2024-09-14 05:30 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314277
|
6.1 |
MEDIUM
Network
|
br-automation
|
industrial_automation_aprol
|
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's brows…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5624
|
2024-09-14 05:23 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314278
|
7.8 |
HIGH
Local
|
br-automation
|
industrial_automation_aprol
|
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated …
|
CWE-426
Untrusted Search Path
|
CVE-2024-5622
|
2024-09-14 05:21 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314279
|
7.8 |
HIGH
Local
|
br-automation
|
industrial_automation_aprol
|
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges.
|
CWE-426
Untrusted Search Path
|
CVE-2024-5623
|
2024-09-14 05:19 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314280
|
8.8 |
HIGH
Network
|
portabilis
|
i-educar
|
i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A SQL Injection vulnerability was found prior to the 2.9 b…
|
CWE-89
SQL Injection
|
CVE-2024-45059
|
2024-09-14 05:09 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
