5.3
CVE-2024-10660 - ESAFENET CDG HookService.java deleteHook sql injection
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function deleteHook of the file /com/esafenet/servlet/policy/HookService.java. The manipulation of the argument hookId leads to sql injection. It is possible to initiate the attack remotely. The exploitβ¦
5.3
CVE-2024-10659 - ESAFENET CDG CDGAuthoriseTempletService.java delSystemEncryptPolicy sql injection
A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. Affected by this issue is the function delSystemEncryptPolicy of the file /com/esafenet/servlet/document/CDGAuthoriseTempletService.java. The manipulation of the argument id leads to sql injection. The attack may bβ¦
5.3
CVE-2024-10658 - Tongda OA check_seal.php sql injection
A vulnerability classified as critical was found in Tongda OA up to 11.10. Affected by this vulnerability is an unknown functionality of the file /pda/approve_center/check_seal.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has beenβ¦
5.3
CVE-2024-10657 - Tongda OA prcs_info.php sql injection
A vulnerability classified as critical has been found in Tongda OA up to 11.10. Affected is an unknown function of the file /pda/approve_center/prcs_info.php. The manipulation of the argument RUN_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosedβ¦
5.3
CVE-2024-10656 - Tongda OA 2017 apply.php sql injection
A vulnerability was found in Tongda OA 2017 up to 11.9. It has been rated as critical. This issue affects some unknown processing of the file /pda/meeting/apply.php. The manipulation of the argument mr_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed tβ¦
6.5
CVE-2024-37209 - WordPress User Rights Access Manager plugin <= 1.1.2 - Broken Access Control vulnerability
Access Control vulnerability in Prism IT Systems User Rights Access Manager allows . This issue affects User Rights Access Manager: from n/a through 1.1.2.
6.5
CVE-2024-49256 - WordPress Htaccess File Editor plugin <= 1.0.18 - Broken Access Control vulnerability
Incorrect Authorization vulnerability in WP Chill Htaccess File Editor htaccess-file-editor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Htaccess File Editor: from n/a through <= 1.0.18.
4.3
CVE-2024-48045 - WordPress Happy Elementor Addons plugin <= 3.12.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through <= 3.12.3.
5.4
CVE-2024-48044 - WordPress ShortPixel Image Optimizer plugin <= 5.6.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in ShortPixel ShortPixel Image Optimizer shortpixel-image-optimiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Image Optimizer: from n/a through <= 5.6.3.
4.3
CVE-2024-48039 - WordPress CubeWP Framework plugin <= 1.1.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CubeWP: from n/a through <= 1.1.15.