|
315621
|
5.4 |
MEDIUM
Network
|
qnap
|
notes_station_3
|
A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We hav…
|
CWE-79
Cross-site Scripting
|
CVE-2024-27126
|
2024-09-14 05:31 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315622
|
7.5 |
HIGH
Network
|
accordors
|
accord_ors
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ariva Computer Accord ORS allows Retrieve Embedded Sensitive Data.This issue affects Accord ORS: before 7.3.2.1.
|
NVD-CWE-noinfo
|
CVE-2024-1744
|
2024-09-14 05:30 |
2024-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315623
|
6.1 |
MEDIUM
Network
|
br-automation
|
industrial_automation_aprol
|
Reflected Cross-Site Scripting (XSS) in Shift Logbook application of B&R APROL <= R 4.4-00P3 may allow a network-based attacker to execute arbitrary JavaScript code in the context of the user's brows…
|
CWE-79
Cross-site Scripting
|
CVE-2024-5624
|
2024-09-14 05:23 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315624
|
7.8 |
HIGH
Local
|
br-automation
|
industrial_automation_aprol
|
An untrusted search path vulnerability in the AprolConfigureCCServices of B&R APROL <= R 4.2.-07P3 and <= R 4.4-00P3 may allow an authenticated local attacker to execute arbitrary code with elevated …
|
CWE-426
Untrusted Search Path
|
CVE-2024-5622
|
2024-09-14 05:21 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315625
|
7.8 |
HIGH
Local
|
br-automation
|
industrial_automation_aprol
|
An untrusted search path vulnerability in B&R APROL <= R 4.4-00P3 may be used by an authenticated local attacker to get other users to execute arbitrary code under their privileges.
|
CWE-426
Untrusted Search Path
|
CVE-2024-5623
|
2024-09-14 05:19 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315626
|
8.8 |
HIGH
Network
|
portabilis
|
i-educar
|
i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A SQL Injection vulnerability was found prior to the 2.9 b…
|
CWE-89
SQL Injection
|
CVE-2024-45059
|
2024-09-14 05:09 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315627
|
8.1 |
HIGH
Network
|
portabilis
|
i-educar
|
i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. Prior to the 2.9 branch, an attacker with only minimal vie…
|
CWE-862
Missing Authorization
|
CVE-2024-45058
|
2024-09-14 05:06 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315628
|
6.1 |
MEDIUM
Network
|
portabilis
|
i-educar
|
i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A Reflected Cross-Site Scripting (XSS) vulnerability was i…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45057
|
2024-09-14 05:03 |
2024-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315629
|
7.5 |
HIGH
Network
|
huawei
|
harmonyos
emui
|
Vulnerability of permission verification for APIs in the DownloadProviderMain module
Impact: Successful exploitation of this vulnerability will affect availability.
|
NVD-CWE-noinfo
|
CVE-2024-45442
|
2024-09-14 05:00 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
315630
|
5.4 |
MEDIUM
Network
|
squaredup
|
squaredup_ds_for_scom
|
SquaredUp DS for SCOM 6.2.1.11104 allows XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2024-45180
|
2024-09-14 04:55 |
2024-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
