5.3

CVSS3.1

CVE-2024-31844 -

An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application errors. In some cases, this leads to a disclosure of information about the server. An unauthenticated user is able craft specific requests in order to make the application generate an error. Inside an …

πŸ“… Published: May 21, 2024, 3:33 p.m. πŸ”„ Last Modified: March 13, 2025, 9:15 p.m.

6.5

CVSS3.1

CVE-2024-31840 -

An issue was discovered in Italtel Embrace 1.6.4. The web application inserts cleartext passwords in the HTML source code. An authenticated user is able to edit the configuration of the email server. Once the user access the edit function, the web application fills the edit form with the current cr…

πŸ“… Published: May 21, 2024, 3:32 p.m. πŸ”„ Last Modified: March 14, 2025, 3:15 p.m.

0.0

CVE-2024-5175 -

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

πŸ“… Published: May 21, 2024, 3:15 p.m. πŸ”„ Last Modified: Jan. 14, 2025, 8:15 p.m.

5.4

CVSS3.1

CVE-2024-33527 -

A Stored Cross-site Scripting (XSS) vulnerability in the "Import of Users and login name of user" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.

πŸ“… Published: May 21, 2024, 3:01 p.m. πŸ”„ Last Modified: June 4, 2025, 5:27 p.m.

7.1

CVSS3.1

CVE-2024-33526 -

A Stored Cross-site Scripting (XSS) vulnerability in the "Import of user role and title of user role" feature in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with administrative privileges to inject arbitrary web script or HTML via XML file upload.

πŸ“… Published: May 21, 2024, 2:52 p.m. πŸ”„ Last Modified: June 4, 2025, 5:27 p.m.

7.2

CVSS3.1

CVE-2024-33529 -

ILIAS 7 before 7.30 and ILIAS 8 before 8.11 as well as ILIAS 9.0 allow remote authenticated attackers with administrative privileges to execute operating system commands via file uploads with dangerous types.

πŸ“… Published: May 21, 2024, 2:46 p.m. πŸ”„ Last Modified: June 4, 2025, 5:27 p.m.

4.7

CVSS3.1

CVE-2024-33528 -

A Stored Cross-site Scripting (XSS) vulnerability in ILIAS 7 before 7.30 and ILIAS 8 before 8.11 allows remote authenticated attackers with tutor privileges to inject arbitrary web script or HTML via XML file upload.

πŸ“… Published: May 21, 2024, 2:44 p.m. πŸ”„ Last Modified: June 4, 2025, 5:27 p.m.

6.4

CVSS3.1

CVE-2024-4452 - ElementsKit Pro <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the β€˜url’ parameter in versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level permissions an…

πŸ“… Published: May 21, 2024, 1:51 p.m. πŸ”„ Last Modified: April 8, 2026, 6:21 p.m.

4.2

CVSS3.1

CVE-2024-35218 - Umbraco CMS Vulnerable to Stored XSS on Content Page Through Markdown Editor Preview Pane

Umbraco CMS is an ASP.NET CMS used by more than 730.000 websites. Stored Cross-site scripting (XSS) enable attackers that have access to backoffice to bring malicious content into a website or application. This vulnerability has been patched in version(s) 8.18.13, 10.8.4, 12.3.7, 13.1.1 by implemen…

πŸ“… Published: May 21, 2024, 1:42 p.m. πŸ”„ Last Modified: Feb. 12, 2025, 5:46 p.m.

4.3

CVSS3.1

CVE-2024-35385 -

An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_mk_ffi_sig function in the mjs.c file.

πŸ“… Published: May 21, 2024, 1:39 p.m. πŸ”„ Last Modified: May 5, 2025, 5:19 p.m.
Total resulsts: 349182
Page 9718 of 34,919
Β« previous page Β» next page
Filters