7.6

CVSS3.1

CVE-2021-27700 -

SOCIFI Socifi Guest wifi as SAAS wifi portal is affected by Insecure Permissions. Any authorized customer with partner mode can switch to another customer dashboard and perform actions like modify user, delete user, etc.

πŸ“… Published: Nov. 12, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

4.7

CVSS3.1

CVE-2021-27701 -

SOCIFI Socifi Guest wifi as SAAS is affected by Cross Site Request Forgery (CSRF) via the Socifi wifi portal. The application does not contain a CSRF token and request validation. An attacker can Add/Modify any random user data by sending a crafted CSRF request.

πŸ“… Published: Nov. 12, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.1

CVSS3.1

CVE-2021-27703 -

Sercomm Model Etisalat Model S3- AC2100 is affected by Cross Site Scripting (XSS) via the firmware update page.

πŸ“… Published: Nov. 12, 2024, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.8

CVSS4.0

CVE-2024-23983 - Access rules for PingAccess may be circumvented with URL-encoded characters

Improper handling of canonical URL-encoding may lead to bypass not properly constrained by request rules.

πŸ“… Published: Nov. 11, 2024, 10:56 p.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

0.0

CVE-2024-11105 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: Nov. 11, 2024, 9:01 p.m. πŸ”„ Last Modified: July 5, 2025, 11:15 p.m.

5.3

CVSS4.0

CVE-2024-51484 - Insufficient Validation in Controllers (Activation/Deactivation) in Ampache

Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating controllers. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to chan…

πŸ“… Published: Nov. 11, 2024, 7:46 p.m. πŸ”„ Last Modified: Nov. 14, 2024, 8:14 p.m.

5.3

CVSS4.0

CVE-2024-51485 - Insufficient Validation in Plugins (Activation/Deactivation) in Ampache

Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating plugins. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change w…

πŸ“… Published: Nov. 11, 2024, 7:45 p.m. πŸ”„ Last Modified: Nov. 14, 2024, 8:06 p.m.

5.5

CVSS3.1

CVE-2024-51486 - Stored Cross-Site Scripting in Ampache

Ampache is a web based audio/video streaming application and file manager. The vulnerability exists in the interface section of the Ampache menu, where users can change the "Custom URLβ€Š-β€ŠFavicon". This section is not properly sanitized, allowing for the input of strings that can execute JavaScript.…

πŸ“… Published: Nov. 11, 2024, 7:44 p.m. πŸ”„ Last Modified: Nov. 21, 2024, 9:45 a.m.

5.3

CVSS4.0

CVE-2024-51487 - Insufficient Validation in Catalog (Activation/Deactivation) in Ampache

Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating catalog. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change w…

πŸ“… Published: Nov. 11, 2024, 7:43 p.m. πŸ”„ Last Modified: Nov. 14, 2024, 7:37 p.m.

5.3

CVSS4.0

CVE-2024-51488 - Insufficient Validation in Delete Message in Ampache

Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users delete messages. This vulnerability could be exploited to forge CSRF attacks, allowing an attacker to delete messages to any use…

πŸ“… Published: Nov. 11, 2024, 7:42 p.m. πŸ”„ Last Modified: Nov. 14, 2024, 8:12 p.m.
Total resulsts: 345151
Page 7539 of 34,516
Β« previous page Β» next page
Filters