7.2

CVSS3.1

CVE-2024-11064 - D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.

๐Ÿ“… Published: Nov. 11, 2024, 7:35 a.m. ๐Ÿ”„ Last Modified: Nov. 15, 2024, 6:22 p.m.

7.2

CVSS3.1

CVE-2024-11063 - D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.

๐Ÿ“… Published: Nov. 11, 2024, 7:30 a.m. ๐Ÿ”„ Last Modified: Nov. 15, 2024, 6:21 p.m.

7.2

CVSS3.1

CVE-2024-11062 - D-Link DSL6740C - OS Command Injection

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.

๐Ÿ“… Published: Nov. 11, 2024, 7:28 a.m. ๐Ÿ”„ Last Modified: Nov. 15, 2024, 6:21 p.m.

5.4

CVSS3.1

CVE-2024-11021 - Grand Vice info Webopac - Stored XSS

Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Remote attackers with regular privileges can inject arbitrary JavaScript code into the server. When users visit the compromised page, the code is automatically executed in their browser.

๐Ÿ“… Published: Nov. 11, 2024, 7:24 a.m. ๐Ÿ”„ Last Modified: Nov. 18, 2024, 7 p.m.

9.8

CVSS3.1

CVE-2024-11020 - Grand Vice info Webopac7 - SQL Injection

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents.

๐Ÿ“… Published: Nov. 11, 2024, 7:16 a.m. ๐Ÿ”„ Last Modified: Nov. 18, 2024, 6:59 p.m.

6.1

CVSS3.1

CVE-2024-11019 - Grand Vice info Webopac7 - Reflected XSS

Webopac from Grand Vice info has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing techniques.

๐Ÿ“… Published: Nov. 11, 2024, 7:06 a.m. ๐Ÿ”„ Last Modified: Nov. 18, 2024, 6:59 p.m.

9.8

CVSS3.1

CVE-2024-11018 - Grand Vice info Webopac - Arbitrary File Upload

Webopac from Grand Vice info does not properly validate uploaded file types, allowing unauthenticated remote attackers to upload and execute webshells, which could lead to arbitrary code execution on the server.

๐Ÿ“… Published: Nov. 11, 2024, 7:02 a.m. ๐Ÿ”„ Last Modified: Nov. 18, 2024, 6:59 p.m.

8.8

CVSS3.1

CVE-2024-11017 - Grand Vice info Webopac - Arbitrary File Upload

Webopac from Grand Vice info does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells, which could lead to arbitrary code execution on the server.

๐Ÿ“… Published: Nov. 11, 2024, 6:54 a.m. ๐Ÿ”„ Last Modified: Nov. 18, 2024, 6:47 p.m.

9.8

CVSS3.1

CVE-2024-11016 - Grand Vice info Webopac - SQL Injection

Webopac from Grand Vice info has a SQL Injection vulnerability, allowing unauthenticated remote attacks to inject arbitrary SQL commands to read, modify, and delete database contents.

๐Ÿ“… Published: Nov. 11, 2024, 6:51 a.m. ๐Ÿ”„ Last Modified: Nov. 14, 2024, 9:53 p.m.

5.4

CVSS3.1

CVE-2024-52350 - WordPress CRM 2go plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nrmendez CRM 2go crm2go allows DOM-Based XSS.This issue affects CRM 2go: from n/a through <= 1.0.

๐Ÿ“… Published: Nov. 11, 2024, 6:43 a.m. ๐Ÿ”„ Last Modified: April 1, 2026, 4:20 p.m.
Total resulsts: 345232
Page 7552 of 34,524
ยซ previous page ยป next page
Filters