4.3

CVSS3.1

CVE-2024-45164 -

Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization Services) before the latest 19.2.0 patch and Apps Portal before 19.2.0.3 or 19.2.0.20240814, has incorrect authorization controls for the Admin functionality on the ThreatAvert Policy page. An authentic…

πŸ“… Published: Nov. 4, 2024, midnight πŸ”„ Last Modified: Nov. 6, 2024, 5:35 p.m.

8

CVSS3.1

CVE-2024-45885 -

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This vulnerability occurs when the `action` parameter in `cgi-bin/mainfunction.cgi` is set to `autodiscovery_clear.`

πŸ“… Published: Nov. 4, 2024, midnight πŸ”„ Last Modified: April 10, 2025, 3:52 p.m.

6.8

CVSS3.1

CVE-2024-34891 -

Insufficiently protected credentials in DAV server settings in 1C-Bitrix Bitrix24 23.300.100 allows remote administrators to read Exchange account passwords via HTTP GET request.

πŸ“… Published: Nov. 4, 2024, midnight πŸ”„ Last Modified: Sept. 4, 2025, 4:33 p.m.

8.5

CVSS3.1

CVE-2024-51408 -

AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to retrieve AWS metadata credentials.

πŸ“… Published: Nov. 4, 2024, midnight πŸ”„ Last Modified: Nov. 6, 2024, 10:06 p.m.

8

CVSS3.1

CVE-2024-51246 -

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doPPTP function.

πŸ“… Published: Nov. 4, 2024, midnight πŸ”„ Last Modified: April 11, 2025, 3:06 p.m.

6.1

CVSS3.1

CVE-2024-51328 -

Cross Site Scripting vulnerability in addcategory.php in projectworld's Travel Management System v1.0 allows remote attacker to inject arbitrary code via the t2 parameter.

πŸ“… Published: Nov. 4, 2024, midnight πŸ”„ Last Modified: May 7, 2025, 3:28 p.m.

5.3

CVSS4.0

CVE-2024-10746 - PHPGurukul Online Shopping Portal dom_data.php cross site scripting

A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. This affects an unknown part of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data.php. The manipulation of the argument scripts leads to cross site scripting. It is possi…

πŸ“… Published: Nov. 3, 2024, 11:31 p.m. πŸ”„ Last Modified: Nov. 5, 2024, 8:12 p.m.

5.3

CVSS4.0

CVE-2024-10745 - PHPGurukul Online Shopping Portal deferred_table.php cross site scripting

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/deferred_table.php. The manipulation of the argument scripts leads to …

πŸ“… Published: Nov. 3, 2024, 11 p.m. πŸ”„ Last Modified: Nov. 5, 2024, 8:13 p.m.

5.3

CVSS4.0

CVE-2024-10744 - PHPGurukul Online Shopping Portal complex_header_2.php cross site scripting

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/complex_header_2.php. The manipulation of the argument script…

πŸ“… Published: Nov. 3, 2024, 10:31 p.m. πŸ”„ Last Modified: Nov. 5, 2024, 8:13 p.m.

5.3

CVSS4.0

CVE-2024-10743 - PHPGurukul Online Shopping Portal editable_ajax.php cross site scripting

A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been classified as problematic. Affected is an unknown function of the file /shopping/admin/assets/plugins/DataTables/examples/examples_support/editable_ajax.php. The manipulation of the argument value leads to cross site sc…

πŸ“… Published: Nov. 3, 2024, 9:31 p.m. πŸ”„ Last Modified: Nov. 5, 2024, 8:13 p.m.
Total resulsts: 342372
Page 7365 of 34,238
Β« previous page Β» next page
Filters