Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: attack-types Clear
ID Title
CVE-2024-11406 Cross-Site Scripting (XSS) in djangocms-attributes-field (CVE-2024-11406)
cross-site scripting in djangocms-attributes-field (CVE-2024-11406). Confidential information can be exposed externally. Mitigation: upgrade to `4.0.0` or later.
CVE-2024-50803 Cross-Site Scripting (XSS) in redaxo (CVE-2024-50803)
cross-site scripting in redaxo (CVE-2024-50803). Risk of unauthorized operations or information disclosure.
CVE-2024-8781 Vulnerability in privilege-escalation (CVE-2024-8781)
vulnerability in privilege-escalation (CVE-2024-8781). Risk of unauthorized operations or information disclosure.
CVE-2024-3370 SQL Injection in sqli (CVE-2024-3370)
SQL injection in sqli (CVE-2024-3370). Confidential information can be exposed externally.
CVE-2024-11319 Cross-Site Scripting (XSS) in django-cms (CVE-2024-11319)
cross-site scripting in django-cms (CVE-2024-11319). Risk of unauthorized operations or information disclosure. Mitigation: upgrade to `4.1.4` or later.
CVE-2024-3447 Vulnerability in dos (CVE-2024-3447)
vulnerability in dos (CVE-2024-3447). Risk of unauthorized operations or information disclosure.
CVE-2024-7787 Cross-Site Scripting (XSS) in CVE-2024-7787 (CVE-2024-7787)
cross-site scripting in CVE-2024-7787 (CVE-2024-7787). Risk of unauthorized operations or information disclosure.
CVE-2024-9477 Cross-Site Scripting (XSS) in airties (CVE-2024-9477)
cross-site scripting in airties (CVE-2024-9477). Risk of unauthorized operations or information disclosure.
CVE-2024-48290 Vulnerability in dos (CVE-2024-48290)
vulnerability in dos (CVE-2024-48290). Risk of unauthorized operations or information disclosure.
CVE-2024-9147 Vulnerability in bna (CVE-2024-9147)
vulnerability in bna (CVE-2024-9147). Risk of unauthorized operations or information disclosure.
CVE-2024-10035 Command Injection in privilege-escalation (CVE-2024-10035)
command injection in privilege-escalation (CVE-2024-10035). Successful exploitation can lead to full system takeover.
CVE-2024-51060 SQL Injection in sqli (CVE-2024-51060)
SQL injection in sqli (CVE-2024-51060). Confidential information can be exposed externally.
CVE-2024-51063 SQL Injection in sqli (CVE-2024-51063)
SQL injection in sqli (CVE-2024-51063). Confidential information can be exposed externally.
CVE-2024-51064 SQL Injection in sqli (CVE-2024-51064)
SQL injection in sqli (CVE-2024-51064). Successful exploitation can lead to full system takeover.
CVE-2024-51065 SQL Injection in sqli (CVE-2024-51065)
SQL injection in sqli (CVE-2024-51065). Successful exploitation can lead to full system takeover.
CVE-2024-48733 SQL Injection in sqli (CVE-2024-48733)
SQL injection in sqli (CVE-2024-48733). Successful exploitation can lead to full system takeover.
CVE-2024-48735 Path Traversal in path-traversal (CVE-2024-48735)
path traversal in path-traversal (CVE-2024-48735). Confidential information can be exposed externally.
CVE-2023-6441 SQL Injection in sqli (CVE-2023-6441)
SQL injection in sqli (CVE-2023-6441). Successful exploitation can lead to full system takeover.
CVE-2024-9050 Code Injection in privilege-escalation (CVE-2024-9050)
code injection in privilege-escalation (CVE-2024-9050). Successful exploitation can lead to full system takeover. Exploitable via ``leftupdown``.
CVE-2024-40088 Cross-Site Scripting (XSS) in path-traversal (CVE-2024-40088)
cross-site scripting in path-traversal (CVE-2024-40088). Risk of unauthorized operations or information disclosure.
CVE-2024-47742 Path Traversal in path-traversal (CVE-2024-47742)
path traversal in path-traversal (CVE-2024-47742). Successful exploitation can lead to full system takeover.
CVE-2024-9143 Out-of-Bounds Read in CVE-2024-9143 (CVE-2024-9143)
vulnerability in CVE-2024-9143 (CVE-2024-9143). Risk of unauthorized operations or information disclosure.
CVE-2024-46605 Cross-Site Scripting (XSS) in piwigo (CVE-2024-46605)
cross-site scripting in piwigo (CVE-2024-46605). Risk of unauthorized operations or information disclosure.
CVE-2024-46606 Cross-Site Scripting (XSS) in piwigo (CVE-2024-46606)
cross-site scripting in piwigo (CVE-2024-46606). Risk of unauthorized operations or information disclosure.
CVE-2024-21262 Authorization Flaw in c (CVE-2024-21262)
vulnerability in c (CVE-2024-21262). Risk of unauthorized operations or information disclosure.
CVE-2024-35584 SQL Injection in sqli (CVE-2024-35584)
SQL injection in sqli (CVE-2024-35584). Successful exploitation can lead to full system takeover.
CVE-2023-31493 Code Injection in zoneminder (CVE-2023-31493)
code injection in zoneminder (CVE-2023-31493). Confidential information can be exposed externally.
CVE-2023-50780 Vulnerability in apache (CVE-2023-50780)
vulnerability in apache (CVE-2023-50780). Successful exploitation can lead to full system takeover.
CVE-2024-46532 SQL Injection in sqli (CVE-2024-46532)
SQL injection in sqli (CVE-2024-46532). Successful exploitation can lead to full system takeover.
CVE-2024-4658 SQL Injection in sqli (CVE-2024-4658)
SQL injection in sqli (CVE-2024-4658). Risk of unauthorized operations or information disclosure.
CVE-2024-9286 SQL Injection in sqli (CVE-2024-9286)
SQL injection in sqli (CVE-2024-9286). Risk of unauthorized operations or information disclosure.
CVE-2024-25885 Vulnerability in dos (CVE-2024-25885)
vulnerability in dos (CVE-2024-25885). Risk of unauthorized operations or information disclosure.
CVE-2024-42831 Cross-Site Scripting (XSS) in CVE-2024-42831 (CVE-2024-42831)
cross-site scripting in CVE-2024-42831 (CVE-2024-42831). Risk of unauthorized operations or information disclosure.
CVE-2024-28709 Cross-Site Scripting (XSS) in limesurvey (CVE-2024-28709)
cross-site scripting in limesurvey (CVE-2024-28709). Risk of unauthorized operations or information disclosure.
CVE-2024-28710 Cross-Site Scripting (XSS) in limesurvey (CVE-2024-28710)
cross-site scripting in limesurvey (CVE-2024-28710). Risk of unauthorized operations or information disclosure.
CVE-2024-45932 Cross-Site Scripting (XSS) in webkul (CVE-2024-45932)
cross-site scripting in webkul (CVE-2024-45932). Risk of unauthorized operations or information disclosure.
CVE-2024-46446 Path Traversal in path-traversal (CVE-2024-46446)
path traversal in path-traversal (CVE-2024-46446). Successful exploitation can lead to full system takeover.
CVE-2024-45933 Code Injection in CVE-2024-45933 (CVE-2024-45933)
code injection in CVE-2024-45933 (CVE-2024-45933). Data can be tampered with by attackers.
CVE-2024-6400 Vulnerability in finrota (CVE-2024-6400)
vulnerability in finrota (CVE-2024-6400). Confidential information can be exposed externally.
CVE-2024-46084 Command Injection in scriptcase (CVE-2024-46084)
command injection in scriptcase (CVE-2024-46084). Successful exploitation can lead to full system takeover.
CVE-2024-3373 SQL Injection in sqli (CVE-2024-3373)
SQL injection in sqli (CVE-2024-3373). Risk of unauthorized operations or information disclosure.
CVE-2024-8607 SQL Injection in sqli (CVE-2024-8607)
SQL injection in sqli (CVE-2024-8607). Successful exploitation can lead to full system takeover.
CVE-2024-8608 Cross-Site Scripting (XSS) in oceanicsoft (CVE-2024-8608)
cross-site scripting in oceanicsoft (CVE-2024-8608). Risk of unauthorized operations or information disclosure.
CVE-2024-4657 Cross-Site Scripting (XSS) in CVE-2024-4657 (CVE-2024-4657)
cross-site scripting in CVE-2024-4657 (CVE-2024-4657). Risk of unauthorized operations or information disclosure.
CVE-2023-46948 Cross-Site Scripting (XSS) in CVE-2023-46948 (CVE-2023-46948)
cross-site scripting in CVE-2023-46948 (CVE-2023-46948). Risk of unauthorized operations or information disclosure.
CVE-2024-7835 Cross-Site Scripting (XSS) in CVE-2024-7835 (CVE-2024-7835)
cross-site scripting in CVE-2024-7835 (CVE-2024-7835). Risk of unauthorized operations or information disclosure.
CVE-2024-7735 SQL Injection in sqli (CVE-2024-7735)
SQL injection in sqli (CVE-2024-7735). Risk of unauthorized operations or information disclosure.
CVE-2024-33109 Path Traversal in path-traversal (CVE-2024-33109)
path traversal in path-traversal (CVE-2024-33109). Confidential information can be exposed externally.
CVE-2024-7785 Cross-Site Scripting (XSS) in CVE-2024-7785 (CVE-2024-7785)
cross-site scripting in CVE-2024-7785 (CVE-2024-7785). Risk of unauthorized operations or information disclosure.
CVE-2024-5958 SQL Injection in sqli (CVE-2024-5958)
SQL injection in sqli (CVE-2024-5958). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →