Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2024-10-07
Low
Med.
Med.
Med.
Low
Med.
2024-10-05
High
High
Med.
High
High
Med.
2024-10-02
Med.

The latest CVEs

Dorks

2024-10-08
CVE-2024-8431
The Photo Gallery, Images, Slider in Rbs Image Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the ajaxGetGalleryJson() function in all versions up to, and including, 3.2.21. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve private ...
CVE-2024-8482
The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ??url?? parameter in all versions up to, and including, 1.3.982 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrar...
CVE-2024-3506
A possible buffer overflow in selected cameras' drivers from XProtect Device Pack can allow an attacker with access to internal network to execute commands on Recording Server under strict conditions.
CVE-2024-8422
CWE-416: Use After Free vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when application user opens a malicious Zelio Soft 2 project file.
CVE-2024-8433
The Easy Mega Menu Plugin for WordPress ?? ThemeHunk plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ??themehunk_megamenu_bg_image' parameter in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2024-8518
CWE-20: Improper Input Validation vulnerability exists that could cause a crash of the Zelio Soft 2 application when a specially crafted project file is loaded by an application user.
CVE-2024-8629
The WooCommerce Multilingual & Multicurrency with WPML plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 5.3.7. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execut...
CVE-2024-8488
The Survey Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Survey fields in all versions up to, and including, 4.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that...
CVE-2024-8884
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause exposure of credentials when attacker has access to application on network over http
CVE-2024-9005
CWE-502: Deserialization of Untrusted Data vulnerability exists that could allow code to be remotely executed on the server when unsafely deserialized data is posted to the web server.
2024-10-07
Med.
Online Complete - Blind Sql Injection Vulnerability
"Powered by Online Complete to"
behrouz mansoori
2024-10-05
High
MD-Pro 1.0.76 Shell Upload / SQL Injection
intext: Powered by MD-Pro
Emiliano Febbi
2024-09-30
Med.
krishna Tech - Sql Injection
"Website Developed By krishna Tech"
behrouz mansoori
2024-09-29
Med.
Era infotech - Sql Injection
"Design & Developed By: Era infotech"
behrouz mansoori
Med.
Era infotech - Blind Sql Injection Vulnerability
"Design & Developed By: Era infotech"
behrouz mansoori

Copyright 2024, cxsecurity.com

 

Back to Top