Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-02-07 CVE-2024-24706 Cross-Site Request Forgery (CSRF) vulnerability in Forumone Wp-Cfm
Cross-Site Request Forgery (CSRF) vulnerability in Forum One WP-CFM wp-cfm. This issue affects WP-CFM: from n/a through 1.7.8.
network
low complexity
forumone CWE-352
4.3
2024-02-07 CVE-2024-24816 Cross-site Scripting vulnerability in Ckeditor
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor CWE-79
6.1
2024-02-07 CVE-2024-22012 Out-of-bounds Write vulnerability in Google Android
There is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
7.8
2024-02-07 CVE-2024-24815 Cross-site Scripting vulnerability in Ckeditor 4.23.0
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor.
network
low complexity
ckeditor CWE-79
6.1
2024-02-07 CVE-2024-24771 Reliance on a Single Factor in a Security Decision vulnerability in Maykinmedia Open Forms
Open Forms allows users to create and publish smart forms.
network
high complexity
maykinmedia CWE-654
5.9
2024-02-07 CVE-2024-24811 SQL Injection vulnerability in Zope Sqlalchemyda
SQLAlchemyDA is a generic database adapter for ZSQL methods.
network
low complexity
zope CWE-89
critical
9.8
2024-02-07 CVE-2024-24812 Cross-site Scripting vulnerability in Frappe
Frappe is a full-stack web application framework that uses Python and MariaDB on the server side and a tightly integrated client side library.
network
low complexity
frappe CWE-79
5.4
2024-02-07 CVE-2024-25145 Cross-site Scripting vulnerability in Liferay DXP
Stored cross-site scripting (XSS) vulnerability in the Portal Search module's Search Result app in Liferay Portal 7.2.0 through 7.4.3.11, and older unsupported versions, and Liferay DXP 7.4 before update 8, 7.3 before update 4, 7.2 before fix pack 17, and older unsupported versions allows remote authenticated users to inject arbitrary web script or HTML into the Search Result app's search result if highlighting is disabled by adding any searchable content (e.g., blog, message board message, web content article) to the application.
network
low complexity
liferay CWE-79
5.4
2024-02-07 CVE-2024-24130 Cross-site Scripting vulnerability in Mail2World 12
Mail2World v12 Business Control Center was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Usr parameter at resellercenter/login.asp.
network
low complexity
mail2world CWE-79
6.1
2024-02-07 CVE-2024-24131 Cross-site Scripting vulnerability in Superwebmailer 9.31.0.01799
SuperWebMailer v9.31.0.01799 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component api.php.
network
low complexity
superwebmailer CWE-79
6.1