8.8
CVE-2024-56055 - WordPress WPLMS plugin < 1.9.9.5.2 - Arbitrary Directory Deletion vulnerability
Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS wplms_plugin allows Path Traversal.This issue affects WPLMS: from n/a through < 1.9.9.5.2.
8.8
CVE-2024-56051 - WordPress WPLMS plugin < 1.9.9.5 - Student+ Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows Code Injection.This issue affects WPLMS: from n/a through < 1.9.9.5.
0.0
CVE-2024-12765 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
0.0
CVE-2024-12764 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
0.0
CVE-2024-12763 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
0.0
CVE-2024-12762 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
0.0
CVE-2024-12758 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.4
CVE-2024-25042 - IBM Cognos Analytics cross-site scripting
IBM Cognos Analyticsย 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting (XSS). A remote attacker could execute malicious commands due to improper validation of column headings in Cognos Explorations.
6.8
CVE-2024-45082 - IBM Cognos Analytics HTTP open redirection
IBM Cognos Analyticsย 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayeโฆ
5.4
CVE-2024-41752 - IBM Cognos Analytics HTML injection
IBM Cognos Analyticsย 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site.