|
312251
|
8.8 |
HIGH
Network
|
esafenet
|
cdg
|
A vulnerability was found in ESAFENET CDG 5. It has been classified as critical. Affected is the function docHistory of the file /com/esafenet/servlet/fileManagement/FileDirectoryService.java. The ma…
|
CWE-89
SQL Injection
|
CVE-2024-10594
|
2024-11-6 02:05 |
2024-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312252
|
5.4 |
MEDIUM
Network
|
webcraftplugins
|
image_map_pro
|
The Image Map Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'save_project' function with an arbitrary shortcode in versions up to, and including, 6.0.20 due to insuffi…
|
CWE-79
Cross-site Scripting
|
CVE-2024-9585
|
2024-11-6 02:05 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312253
|
9.8 |
CRITICAL
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function deleteHook of the file /com/esafenet/servlet/policy/HookService.java. The manipulation of the…
|
CWE-89
SQL Injection
|
CVE-2024-10660
|
2024-11-6 02:04 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312254
|
9.8 |
CRITICAL
Network
|
esafenet
|
cdg
|
A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by this issue is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/document/CDGAuthor…
|
CWE-89
SQL Injection
|
CVE-2024-10659
|
2024-11-6 02:04 |
2024-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312255
|
5.4 |
MEDIUM
Network
|
webcraftplugins
|
image_map_pro
|
The Image Map Pro plugin for WordPress is vulnerable to unauthorized modification of data and loss of data due to a missing capability check on the AJAX functions in versions up to, and including, 6.…
|
CWE-862
Missing Authorization
|
CVE-2024-9584
|
2024-11-6 02:04 |
2024-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312256
|
3.5 |
LOW
Network
|
mattermost
|
mattermost
|
Mattermost versions 9.11.X <= 9.11.1, 9.5.x <= 9.5.9 icorrectly issues two sessions when using desktop SSO - one in the browser and one in desktop with incorrect settings.
|
NVD-CWE-Other
|
CVE-2024-10214
|
2024-11-6 02:03 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312257
|
9.8 |
CRITICAL
Network
|
fabinros
|
simple_car_rental_system
|
A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0. Affected is an unknown function of the file /signup.php. The manipulation of the argument fname le…
|
CWE-89
SQL Injection
|
CVE-2024-10702
|
2024-11-6 01:52 |
2024-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312258
|
6.1 |
MEDIUM
Network
|
phpgurukul
|
car_rental_portal
|
A vulnerability was found in PHPGurukul Car Rental Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /search.php. The manipulation of the argument s…
|
CWE-79
Cross-site Scripting
|
CVE-2024-10701
|
2024-11-6 01:52 |
2024-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312259
|
6.5 |
MEDIUM
Network
|
cert
|
vince
|
VINCE versions before 3.0.9 is vulnerable to exposure of User information to authenticated users.
|
CWE-276
Incorrect Default Permissions
|
CVE-2024-10469
|
2024-11-6 01:51 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
312260
|
4.8 |
MEDIUM
Adjacent
|
argo_workflows_project
|
argo_workflows
|
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controll…
|
CWE-362
CWE-1108
Race Condition
Excessive Reliance on Global Variables
|
CVE-2024-47827
|
2024-11-6 01:50 |
2024-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
