Aggregator

CVE-2022-44297 | SiteServer CMS 7.1.3 sql injection (Issue 3490)

11 months 2 weeks ago

A vulnerability has been found in SiteServer CMS 7.1.3 and classified as critical. This vulnerability affects unknown code. The manipulation leads to sql injection. This vulnerability was named CVE-2022-44297. Access to the local network is required for this attack to succeed. There is no exploit available.

vuldb.com

CVE-2022-45770 | Adguard up to 7.11 on Windows adgnetworkwfpdrv.sys input validation

Vuldb Updates

11 months 2 weeks ago

A vulnerability was found in Adguard up to 7.11 on Windows. It has been declared as problematic. This vulnerability affects unknown code in the library adgnetworkwfpdrv.sys. The manipulation leads to improper input validation. This vulnerability was named CVE-2022-45770. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-27286 | Zulip up to 8.2 information disclosure (GHSA-478x-rfqr-w4jf)

Vuldb Updates

11 months 2 weeks ago

A vulnerability classified as problematic has been found in Zulip up to 8.2. Affected is an unknown function. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-27286. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-33830 | idcCMS 1.35 readDeal.php?mudi=clearWebCache cross-site request forgery

Vuldb Updates

11 months 2 weeks ago

A vulnerability classified as problematic has been found in idcCMS 1.35. This affects an unknown part of the file /admin/readDeal.php?mudi=clearWebCache. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-33830. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2023-49675 | CODESYS Development System prior 2.3.9.73 Project File out-of-bounds write (VDE-2024-024)

Vuldb Updates

11 months 2 weeks ago

A vulnerability, which was classified as critical, has been found in CODESYS Development System. This issue affects some unknown processing of the component Project File Handler. The manipulation leads to out-of-bounds write. The identification of this vulnerability is CVE-2023-49675. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2023-49676 | CODESYS Development System prior 2.3.9.73 Project File use after free (VDE-2024-024)

Vuldb Updates

11 months 2 weeks ago

A vulnerability, which was classified as critical, was found in CODESYS Development System. Affected is an unknown function of the component Project File Handler. The manipulation leads to use after free. This vulnerability is traded as CVE-2023-49676. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-4411 | Mihdan Plugin up to 1.6.5.1 on WordPress Shortcode cross site scripting

Vuldb Updates

11 months 2 weeks ago

A vulnerability was found in Mihdan Plugin up to 1.6.5.1 on WordPress and classified as problematic. Affected by this issue is some unknown functionality of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-4411. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2024-4314 | Hostel Plugin up to 1.1.5.3 on WordPress cross-site request forgery

Vuldb Updates

11 months 2 weeks ago

A vulnerability was found in Hostel Plugin up to 1.1.5.3 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-4314. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2024-34078 | matthiask html-sanitizer up to 2.4.1 Unicode cross site scripting (GHSA-wvhx-q427-fgh3)

Vuldb Updates

11 months 2 weeks ago

A vulnerability was found in matthiask html-sanitizer up to 2.4.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Unicode Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-34078. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-34069 | pallets werkzeug up to 3.0.2 cross-site request forgery (GHSA-2g68-c3qc-8985 / Nessus ID 211798)

Vuldb Updates

11 months 2 weeks ago

A vulnerability classified as problematic was found in pallets werkzeug up to 3.0.2. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2024-34069. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2024-34064 | pallets jinja up to 3.1.3 xmlattr Filter cross site scripting (GHSA-h75v-3vvj-5mfj / Nessus ID 210840)

Vuldb Updates

11 months 2 weeks ago

A vulnerability, which was classified as problematic, has been found in pallets jinja up to 3.1.3. This issue affects some unknown processing of the component xmlattr Filter. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-34064. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com