Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-29952 |
A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a could allow an authenticated user to print the Auth, Priv, and SSL key store passwords in unencrypted logs by manipulating command variables. Published: April 17, 2024; 6:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32746 |
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the MENU parameter under the Menu module. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32745 |
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE DESCRIPTION parameter under the CURRENT PAGE module. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32744 |
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32743 |
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SITE LANGUAGE CONFIG parameter under the Security module. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32345 |
A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Configuration parameter under the Language section. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32344 |
A cross-site scripting (XSS) vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit parameter under the Language section. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32343 |
A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32342 |
A cross-site scripting (XSS) vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Permalink parameter. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32341 |
Multiple cross-site scripting (XSS) vulnerabilities in the Home page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32340 |
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the WEBSITE TITLE parameter under the Menu module. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32339 |
Multiple cross-site scripting (XSS) vulnerabilities in the HOW TO page of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into any of the parameters. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32338 |
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE TITLE parameter under the Current Page module. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-32337 |
A cross-site scripting (XSS) vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ADMIN LOGIN URL parameter under the Security module. Published: April 17, 2024; 5:15:09 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3817 |
HashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package. Published: April 17, 2024; 4:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-29951 |
Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection. Published: April 17, 2024; 4:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-21990 |
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x contain hard-coded credentials that could allow an attacker to view Deploy configuration information and modify the account credentials. Published: April 17, 2024; 4:15:07 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-21989 |
ONTAP Select Deploy administration utility versions 9.12.1.x, 9.13.1.x and 9.14.1.x are susceptible to a vulnerability which when successfully exploited could allow a read-only user to escalate their privileges. Published: April 17, 2024; 4:15:07 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-0257 |
RoboDK v5.5.4 is vulnerable to heap-based buffer overflow while processing a specific project file. The resulting memory corruption may crash the application. Published: April 17, 2024; 4:15:07 PM -0400 |
V3.x:(not available) V2.0:(not available) |
CVE-2024-3900 |
Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by long Unicode sequence in ActualText. Published: April 17, 2024; 3:15:08 PM -0400 |
V3.x:(not available) V2.0:(not available) |