Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-29661 |
A File Upload vulnerability in DedeCMS v5.7 allows a local attacker to execute arbitrary code via a crafted payload. Published: April 22, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-28717 |
An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via the gateway.py component. Published: April 22, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-22856 |
A SQL injection vulnerability via the Save Favorite Search function in Axefinance Axe Credit Portal >= v.3.0 allows authenticated attackers to execute unintended queries and disclose sensitive information from DB tables via crafted requests. Published: April 22, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-22815 |
An issue in the communication protocol of Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service (DoS) via crafted commands. Published: April 22, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-22813 |
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to overwrite the hardcoded IP address in the device memory, disrupting network connectivity between the router and the controller. Published: April 22, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-22811 |
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service (DoS) by disrupting the communication between the PathPilot controller and the CNC router via overwriting the Hostmot2 configuration cookie in the device memory. Published: April 22, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-22809 |
Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to access the G code's shared folder and view sensitive information. Published: April 22, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-22808 |
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service (DoS) by disrupting the communication between the PathPilot controller and the CNC router via overwriting the card's name in the device memory. Published: April 22, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-22807 |
An issue in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to erase a critical sector of the flash memory, causing the machine to lose network connectivity and suffer from firmware corruption. Published: April 22, 2024; 8:15:07 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32691 |
Missing Authorization vulnerability in realmag777 Active Products Tables for WooCommerce.This issue affects Active Products Tables for WooCommerce: from n/a through 1.0.6.2. Published: April 22, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32688 |
Missing Authorization vulnerability in Long Watch Studio MyRewards.This issue affects MyRewards: from n/a through 5.3.0. Published: April 22, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32687 |
Missing Authorization vulnerability in WPClever WPC Frequently Bought Together for WooCommerce.This issue affects WPC Frequently Bought Together for WooCommerce: from n/a through 7.0.3. Published: April 22, 2024; 7:15:47 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32684 |
Missing Authorization vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5. Published: April 22, 2024; 7:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32682 |
Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2. Published: April 22, 2024; 7:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32681 |
Missing Authorization vulnerability in BdThemes Prime Slider – Addons For Elementor.This issue affects Prime Slider – Addons For Elementor: from n/a through 3.13.2. Published: April 22, 2024; 7:15:46 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32698 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leevio Happy Addons for Elementor allows Stored XSS.This issue affects Happy Addons for Elementor: from n/a through 3.10.4. Published: April 22, 2024; 4:15:39 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32697 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HelloAsso allows Stored XSS.This issue affects HelloAsso: from n/a through 1.1.5. Published: April 22, 2024; 4:15:39 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32696 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud Infographic Maker – iList allows Stored XSS.This issue affects Infographic Maker – iList: from n/a through 4.6.6. Published: April 22, 2024; 4:15:38 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32695 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marco Gasi Language Switcher for Transposh allows Reflected XSS.This issue affects Language Switcher for Transposh: from n/a through 1.5.9. Published: April 22, 2024; 4:15:38 AM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32694 |
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Creative interactive media 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin allows Reflected XSS.This issue affects 3D FlipBook, PDF Viewer, PDF Embedder – Real 3D FlipBook WordPress Plugin: from n/a through 3.62. Published: April 22, 2024; 4:15:38 AM -0400 |
V3.x:(not available) V2.0:(not available) |