Show filters
13,157 Total Results
Displaying 481-490 of 10,000
Refine your search criteria for more targeted results.
Sort by:
Attacker Value
Unknown
CVE-2024-37442
Disclosure Date: July 09, 2024 (last updated August 30, 2024)
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Photo Gallery Team Photo Gallery by Ays allows Code Injection.This issue affects Photo Gallery by Ays: from n/a before 5.7.1.
0
Attacker Value
Unknown
CVE-2024-37410
Disclosure Date: July 09, 2024 (last updated August 30, 2024)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Beaver Addons PowerPack Lite for Beaver Builder allows Path Traversal.This issue affects PowerPack Lite for Beaver Builder: from n/a through 1.3.0.3.
0
Attacker Value
Unknown
CVE-2024-37266
Disclosure Date: July 09, 2024 (last updated August 30, 2024)
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Tutor LMS allows Path Traversal.This issue affects Tutor LMS: from n/a through 2.7.1.
0
Attacker Value
Unknown
CVE-2024-37486
Disclosure Date: July 09, 2024 (last updated August 03, 2024)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Paid Memberships Pro.This issue affects Paid Memberships Pro: from n/a through 3.0.5.
0
Attacker Value
Unknown
CVE-2024-37256
Disclosure Date: July 09, 2024 (last updated August 03, 2024)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeum Tutor LMS.This issue affects Tutor LMS: from n/a through 2.7.1.
0
Attacker Value
Unknown
CVE-2024-6123
Disclosure Date: July 09, 2024 (last updated August 14, 2024)
The Bit Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'iconUpload' function in all versions up to, and including, 2.13.3. This makes it possible for authenticated attackers, with administrator-level and above permissions, to upload arbitrary files on the affected site's server which may make remote code execution possible.
0
Attacker Value
Unknown
CVE-2024-28751
Disclosure Date: July 09, 2024 (last updated July 09, 2024)
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.
0
Attacker Value
Unknown
CVE-2024-28749
Disclosure Date: July 09, 2024 (last updated July 09, 2024)
A remote attacker with high privileges may use a writing file function to inject OS commands.
0
Attacker Value
Unknown
CVE-2024-28748
Disclosure Date: July 09, 2024 (last updated July 09, 2024)
A remote attacker with high privileges may use a reading file function to inject OS commands.
0
Attacker Value
Unknown
CVE-2024-5802
Disclosure Date: July 09, 2024 (last updated July 13, 2024)
The URL Shortener by Myhop WordPress plugin through 1.0.17 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
0