Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-07 | CVE-2023-6388 | Server-Side Request Forgery (SSRF) vulnerability in Salesagility Suitecrm 7.14.2 Suite CRM version 7.14.2 allows making arbitrary HTTP requests through the vulnerable server. | 5.0 |
| 2024-02-07 | CVE-2024-0849 | Path Traversal vulnerability in Leanote Desktop 2.7.0 Leanote version 2.7.0 allows obtaining arbitrary local files. | 5.5 |
| 2024-02-07 | CVE-2024-24810 | Untrusted Search Path vulnerability in Firegiant WIX Toolset WiX toolset lets developers create installers for Windows Installer, the Windows installation engine. | 7.8 |
| 2024-02-07 | CVE-2024-1268 | Unrestricted Upload of File with Dangerous Type vulnerability in Restaurant POS System Project Restaurant POS System 1.0 A vulnerability, which was classified as critical, was found in CodeAstro Restaurant POS System 1.0. | 9.8 |
| 2024-02-07 | CVE-2024-1269 | Cross-site Scripting vulnerability in Remyandrade Product Management System 1.0 A vulnerability has been found in SourceCodester Product Management System 1.0 and classified as problematic. | 6.1 |
| 2024-02-07 | CVE-2024-1266 | Cross-site Scripting vulnerability in Codeastro University Management System 1.0 A vulnerability classified as problematic was found in CodeAstro University Management System 1.0. | 6.1 |
| 2024-02-07 | CVE-2024-1267 | Cross-site Scripting vulnerability in Codeastro Restaurant POS System 1.0 A vulnerability, which was classified as problematic, has been found in CodeAstro Restaurant POS System 1.0. | 6.1 |
| 2024-02-07 | CVE-2024-22021 | Unspecified vulnerability in Veeam products Vulnerability?CVE-2024-22021 allows?a?Veeam Recovery Orchestrator user with a low?privileged?role (Plan?Author)?to retrieve?plans?from?a?Scope other than the one they are assigned to. | 4.3 |
| 2024-02-07 | CVE-2024-22022 | Unspecified vulnerability in Veeam Recovery Orchestrator Vulnerability CVE-2024-22022 allows a Veeam Recovery Orchestrator user that has been assigned a low-privileged role to access the NTLM hash of the service account used by the Veeam Orchestrator Server Service. | 8.8 |
| 2024-02-07 | CVE-2024-24019 | SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. | 9.8 |