Show filters
335,340 Total Results
Displaying 241-250 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2024-52788
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Tenda W9 v1.0.0.7(4456) was discovered to contain a hardcoded password vulnerability in /etc_ro/shadow, which allows attackers to log in as root.
0
Attacker Value
Unknown
CVE-2024-52600
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Statmatic is a Laravel and Git powered content management system (CMS). Prior to version 5.17.0, assets uploaded with appropriately crafted filenames may result in them being placed in a location different than what was configured. The issue affects front-end forms with `assets` fields and other places where assets can be uploaded, although users would need upload permissions anyway. Files can be uploaded so they would be located on the server in a different location, and potentially override existing files. Traversal outside an asset container is not possible. This path traversal vulnerability has been fixed in 5.17.0.
0
Attacker Value
Unknown
CVE-2024-52421
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Popup Window Maker allows Stored XSS.This issue affects WP Popup Window Maker: from n/a through 2.0.
0
Attacker Value
Unknown
CVE-2024-52420
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Cross-Site Request Forgery (CSRF) vulnerability in Creative Motion Disable Admin Notices individually allows Cross Site Request Forgery.This issue affects Disable Admin Notices individually: from n/a through 1.3.5.
0
Attacker Value
Unknown
CVE-2024-52402
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Cross-Site Request Forgery (CSRF) vulnerability in Cliconomics Exclusive Content Password Protect allows Upload a Web Shell to a Web Server.This issue affects Exclusive Content Password Protect: from n/a through 1.1.0.
0
Attacker Value
Unknown
CVE-2024-52401
Disclosure Date: November 19, 2024 (last updated November 21, 2024)
Cross-Site Request Forgery (CSRF) vulnerability in 荒野无灯 Hacklog DownloadManager allows Upload a Web Shell to a Web Server.This issue affects Hacklog DownloadManager: from n/a through 2.1.4.
0
Attacker Value
Unknown
CVE-2024-52395
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Missing Authorization vulnerability in QunatumCloud Floating Buttons for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Floating Buttons for WooCommerce: from n/a through 2.8.8.
0
Attacker Value
Unknown
CVE-2024-52388
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Cross-Site Request Forgery (CSRF) vulnerability in Mike “Mikeage” Miller Hebrew Date allows Stored XSS.This issue affects Hebrew Date: from n/a through 2.1.0.
0
Attacker Value
Unknown
CVE-2024-51938
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NicheAddons Charity Addon for Elementor allows DOM-Based XSS.This issue affects Charity Addon for Elementor: from n/a through 1.3.2.
0
Attacker Value
Unknown
CVE-2024-51937
Disclosure Date: November 19, 2024 (last updated November 20, 2024)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Information Analytics IA Map Analytics Basic allows DOM-Based XSS.This issue affects IA Map Analytics Basic: from n/a through 20170413.
0