5.3

CVSS4.0

CVE-2024-9092 - SourceCodester Profile Registration without Reload Refresh Registration Form add.php cross site scrโ€ฆ

A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument full_name leads to cross site โ€ฆ

๐Ÿ“… Published: Sept. 23, 2024, 12:31 a.m. ๐Ÿ”„ Last Modified: Sept. 27, 2024, 4:23 p.m.

3.7

CVSS3.1

CVE-2024-45453 - WordPress Maintenance Redirect plugin <= 2.0.1 - IP Bypass vulnerability

Authentication Bypass by Spoofing vulnerability in Peter Hardy-vanDoorn Maintenance Redirect jf3-maintenance-mode.This issue affects Maintenance Redirect: from n/a through <= 2.0.1.

๐Ÿ“… Published: Sept. 23, 2024, 12:06 a.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:19 p.m.

6.5

CVSS3.1

CVE-2024-44048 - WordPress Product Carousel Slider & Grid Ultimate for WooCommerce plugin <= 1.9.10 - Authenticated โ€ฆ

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wpWax Product Carousel Slider & Grid Ultimate for WooCommerce woo-product-carousel-slider-and-grid-ultimate.This issue affects Product Carousel Slider & Grid Ultimate for WooCommโ€ฆ

๐Ÿ“… Published: Sept. 23, 2024, 12:03 a.m. ๐Ÿ”„ Last Modified: April 23, 2026, 3:19 p.m.

6.5

CVSS3.1

CVE-2024-43996 - WordPress ElementsKit Pro plugin <= 3.6.0 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ElementsKit ElementsKit Pro allows PHP Local File Inclusion.This issue affects ElementsKit Pro: from n/a through 3.6.0.

๐Ÿ“… Published: Sept. 23, 2024, 12:01 a.m. ๐Ÿ”„ Last Modified: Jan. 8, 2025, 4:16 p.m.

6.9

CVSS4.0

CVE-2024-9091 - code-projects Student Record System index.php sql injection

A vulnerability was found in code-projects Student Record System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument regno leads to sql injection. The attack can be launched remotely. The exploit โ€ฆ

๐Ÿ“… Published: Sept. 23, 2024, midnight ๐Ÿ”„ Last Modified: Sept. 27, 2024, 4:22 p.m.

5.4

CVSS3.1

CVE-2023-46948 -

A reflected Cross-Site Scripting (XSS) vulnerability was found on Temenos T24 Browser R19.40 that enables a remote attacker to execute arbitrary JavaScript code via the skin parameter in the about.jsp and genrequest.jsp components.

๐Ÿ“… Published: Sept. 23, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

9.8

CVSS3.1

CVE-2024-34331 -

A lack of code signature verification in Parallels Desktop for Mac v19.3.0 and below allows attackers to escalate privileges via a crafted macOS installer, because Parallels Service is setuid root.

๐Ÿ“… Published: Sept. 23, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.6

CVSS3.1

CVE-2024-44540 -

Ubiquiti AirMax firmware version firmware version 8 allows attackers with physical access to gain a privileged command shell via the UART Debugging Port.

๐Ÿ“… Published: Sept. 23, 2024, midnight ๐Ÿ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.1

CVSS3.1

CVE-2024-47227 -

iRedAdmin before 2.6 allows XSS, e.g., via order_name.

๐Ÿ“… Published: Sept. 23, 2024, midnight ๐Ÿ”„ Last Modified: March 25, 2025, 3:15 p.m.

6.7

CVSS3.1

CVE-2024-39843 -

A SQL injection vulnerability in Centreon 24.04.2 allows a remote high-privileged attacker to execute arbitrary SQL command via create user form inputs.

๐Ÿ“… Published: Sept. 23, 2024, midnight ๐Ÿ”„ Last Modified: April 28, 2025, 5:11 p.m.
Total resulsts: 349182
Page 8495 of 34,919
ยซ previous page ยป next page
Filters