Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-07 | CVE-2024-24706 | Cross-Site Request Forgery (CSRF) vulnerability in Forumone Wp-Cfm Cross-Site Request Forgery (CSRF) vulnerability in Forum One WP-CFM wp-cfm.This issue affects WP-CFM: from n/a through 1.7.8. | 4.3 |
2024-02-07 | CVE-2024-24816 | Cross-site Scripting vulnerability in Ckeditor CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 6.1 |
2024-02-07 | CVE-2024-22012 | Out-of-bounds Write vulnerability in Google Android there is a possible out of bounds write due to a missing bounds check. | 7.8 |
2024-02-07 | CVE-2024-24815 | Cross-site Scripting vulnerability in Ckeditor 4.23.0 CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 6.1 |
2024-02-07 | CVE-2024-24771 | Reliance on a Single Factor in a Security Decision vulnerability in Maykinmedia Open Forms Open Forms allows users create and publish smart forms. | 5.9 |
2024-02-07 | CVE-2024-24811 | SQL Injection vulnerability in Zope Sqlalchemyda SQLAlchemyDA is a generic database adapter for ZSQL methods. | 9.8 |
2024-02-07 | CVE-2024-24812 | Cross-site Scripting vulnerability in Frappe Frappe is a full-stack web application framework that uses Python and MariaDB on the server side and a tightly integrated client side library. | 5.4 |
2024-02-07 | CVE-2024-25145 | Cross-site Scripting vulnerability in Liferay DXP Stored cross-site scripting (XSS) vulnerability in the Portal Search module's Search Result app in Liferay Portal 7.2.0 through 7.4.3.11, and older unsupported versions, and Liferay DXP 7.4 before update 8, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users to inject arbitrary web script or HTML into the Search Result app's search result if highlighting is disabled by adding any searchable content (e.g., blog, message board message, web content article) to the application. | 5.4 |
2024-02-07 | CVE-2024-24130 | Cross-site Scripting vulnerability in Mail2World 12 Mail2World v12 Business Control Center was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Usr parameter at resellercenter/login.asp. | 6.1 |
2024-02-07 | CVE-2024-24131 | Cross-site Scripting vulnerability in Superwebmailer 9.31.0.01799 SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting (XSS) vulenrability via the component api.php. | 6.1 |