7.2

CVSS3.1

CVE-2024-27943 -

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow a privileged user to upload generic files to the root installation directory of the system. By replacing specific files, an attacker could tamper specific files or even achieve remote code ex…

πŸ“… Published: May 14, 2024, 10:02 a.m. πŸ”„ Last Modified: Feb. 6, 2025, 6:15 p.m.

7.5

CVSS3.1

CVE-2024-27942 -

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any unauthenticated client to disconnect any active user from the server. An attacker could use this vulnerability to prevent any user to perform actions in the system, causing a denial of se…

πŸ“… Published: May 14, 2024, 10:02 a.m. πŸ”„ Last Modified: Feb. 6, 2025, 6:15 p.m.

8.8

CVSS3.1

CVE-2024-27941 -

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected client systems do not properly sanitize input data before sending it to the SQL server. An attacker could use this vulnerability to compromise the whole database.

πŸ“… Published: May 14, 2024, 10:02 a.m. πŸ”„ Last Modified: Feb. 6, 2025, 6:16 p.m.

8.8

CVSS3.1

CVE-2024-27940 -

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow any authenticated user to send arbitrary SQL commands to the SQL server. An attacker could use this vulnerability to compromise the whole database.

πŸ“… Published: May 14, 2024, 10:02 a.m. πŸ”„ Last Modified: Feb. 6, 2025, 6:16 p.m.

9.8

CVSS3.1

CVE-2024-27939 -

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.5). The affected systems allow the upload of arbitrary files of any unauthenticated user. An attacker could leverage this vulnerability and achieve arbitrary code execution with system privileges.

πŸ“… Published: May 14, 2024, 10:02 a.m. πŸ”„ Last Modified: Feb. 6, 2025, 6:16 p.m.

8.2

CVSS4.0

CVE-2023-46280 -

A vulnerability has been identified in Security Configuration Tool (SCT) (All versions), SIMATIC Automation Tool (All versions < V5.0 SP2), SIMATIC BATCH V9.1 (All versions < V9.1 SP2 Upd5), SIMATIC NET PC Software V16 (All versions < V16 Update 8), SIMATIC NET PC Software V17 (All versions), SIMAT…

πŸ“… Published: May 14, 2024, 10:01 a.m. πŸ”„ Last Modified: Dec. 10, 2024, 2:30 p.m.

6.4

CVSS3.1

CVE-2024-4440 - 140+ Widgets | Best Addons For Elementor – FREE <= 1.4.3 - Authenticated (Contributor+) Stored Cros…

The 140+ Widgets | Best Addons For Elementor – FREE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f…

πŸ“… Published: May 14, 2024, 9:33 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

5.4

CVSS3.1

CVE-2024-4860 -

The 'WordPress RSS Aggregator' WordPress Plugin, versions < 4.23.9 are affected by a Cross-Site Scripting (XSS) vulnerability due to the lack of sanitization of theΒ Β 'notice_id' Β GET parameter.

πŸ“… Published: May 14, 2024, 9:11 a.m. πŸ”„ Last Modified: March 25, 2025, 5:50 p.m.

5.7

CVSS3.1

CVE-2024-4859 -

Solidus <= 4.3.4Β is affected by a Stored Cross-Site Scripting vulnerability in the order tracking URL.

πŸ“… Published: May 14, 2024, 9:05 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.1

CVSS3.1

CVE-2024-3579 - XSS in Online Shopping System Advanced

Open-source project Online Shopping System Advanced is vulnerable to Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser.Β 

πŸ“… Published: May 14, 2024, 8:51 a.m. πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.
Total resulsts: 349182
Page 9879 of 34,919
Β« previous page Β» next page
Filters