Total
81965 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-51781 | 2024-11-12 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Loop Now Technologies, Inc. Firework Shoppable Live Video allows Reflected XSS.This issue affects Firework Shoppable Live Video: from n/a through 6.3. | |||||
CVE-2024-51619 | 2024-11-12 | N/A | 8.5 HIGH | ||
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Market360.Co Market 360 Viewer allows Blind SQL Injection.This issue affects Market 360 Viewer: from n/a through 1.01. | |||||
CVE-2024-51719 | 2024-11-12 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kevin Walker, Roman Peterhans Simplistic SEO allows Reflected XSS.This issue affects Simplistic SEO: from n/a through 2.3.0. | |||||
CVE-2024-51704 | 2024-11-12 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hanusek imPress allows Reflected XSS.This issue affects imPress: from n/a through 0.1.4. | |||||
CVE-2024-50544 | 2024-11-12 | N/A | 8.5 HIGH | ||
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Micah Blu RSVP ME allows SQL Injection.This issue affects RSVP ME: from n/a through 1.9.9. | |||||
CVE-2024-51621 | 2024-11-12 | N/A | 8.5 HIGH | ||
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Reza Sh Download-Mirror-Counter allows SQL Injection.This issue affects Download-Mirror-Counter: from n/a through 1.1. | |||||
CVE-2024-50524 | 2024-11-12 | N/A | 8.5 HIGH | ||
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in quyle91 Administrator Z allows Blind SQL Injection.This issue affects Administrator Z: from n/a through 2024.11.04. | |||||
CVE-2024-51579 | 2024-11-12 | N/A | 8.5 HIGH | ||
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder.Biz 5 Stars Rating Funnel allows SQL Injection.This issue affects 5 Stars Rating Funnel: from n/a through 1.4.01. | |||||
CVE-2024-51691 | 2024-11-12 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Aryan Duntley Admin Amplify allows Reflected XSS.This issue affects Admin Amplify: from n/a through 1.3.0. | |||||
CVE-2024-51761 | 2024-11-12 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zack Gilbert and Paul Jarvis WPHelpful allows Reflected XSS.This issue affects WPHelpful: from n/a through 1.2.4. | |||||
CVE-2024-51759 | 2024-11-12 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Detlef Beyer SVT Simple allows Reflected XSS.This issue affects SVT Simple: from n/a through 1.0.1. | |||||
CVE-2024-51780 | 2024-11-12 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Michael DUMONTET eewee admin custom allows Reflected XSS.This issue affects eewee admin custom: from n/a through 1.8.2.4. | |||||
CVE-2024-51716 | 2024-11-12 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gopi.R Twitter real time search scrolling allows Reflected XSS.This issue affects Twitter real time search scrolling: from n/a through 7.0. | |||||
CVE-2024-51697 | 2024-11-12 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Doofinder allows Reflected XSS.This issue affects Doofinder: from n/a through 0.5.4. | |||||
CVE-2024-51763 | 2024-11-12 | N/A | 7.1 HIGH | ||
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Biplob Adhikari Team Showcase and Slider – Team Members Builder allows Reflected XSS.This issue affects Team Showcase and Slider – Team Members Builder: from n/a through 1.3. | |||||
CVE-2024-47590 | 2024-11-12 | N/A | 8.8 HIGH | ||
An unauthenticated attacker can create a malicious link which they can make publicly available. When an authenticated victim clicks on this malicious link, input data will be used by the web site page generation to create content which when executed in the victim's browser (XXS) or transmitted to another server (SSRF) gives the attacker the ability to execute arbitrary code on the server fully compromising confidentiality, integrity and availability. | |||||
CVE-2024-45827 | 2024-11-12 | N/A | 8.0 HIGH | ||
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in Mesh Wi-Fi router RP562B firmware version v1.0.2 and earlier. If this vulnerability is exploited, a network-adjacent authenticated attacker may execute an arbitrary OS command. | |||||
CVE-2024-51845 | 2024-11-12 | N/A | 8.5 HIGH | ||
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Richteam Share Buttons – Social Media allows Blind SQL Injection.This issue affects Share Buttons – Social Media: from n/a through 1.0.2. | |||||
CVE-2024-47295 | 2024-11-11 | N/A | 8.1 HIGH | ||
Insecure initial password configuration issue in SEIKO EPSON Web Config allows a remote unauthenticated attacker to set an arbitrary password and operate the device with an administrative privilege. As for the details of the affected versions, see the information provided by the vendor under [References]. | |||||
CVE-2024-7059 | 2024-11-09 | N/A | 8.0 HIGH | ||
A high-severity vulnerability that can lead to arbitrary code execution on the system hosting the Web SDK role was found in the Genetec Security Center product line. |