Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-02-08 | CVE-2024-22394 | Improper Authentication vulnerability in Sonicwall Sonicos 7.1.17040 An improper authentication vulnerability has been identified in SonicWall SonicOS SSL-VPN feature, which in specific conditions could allow a remote attacker to bypass authentication. This issue affects only firmware version SonicOS 7.1.1-7040. | 9.8 |
2024-02-08 | CVE-2024-24003 | SQL Injection vulnerability in Jishenghua Jsherp 3.3 jshERP v3.3 is vulnerable to SQL Injection. | 9.8 |
2024-02-08 | CVE-2024-24014 | SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. | 9.8 |
2024-02-08 | CVE-2024-24017 | SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. | 9.8 |
2024-02-08 | CVE-2024-24021 | SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. | 9.8 |
2024-02-08 | CVE-2023-48974 | Cross-site Scripting vulnerability in Axigen Mail Server Cross Site Scripting vulnerability in Axigen WebMail prior to 10.3.3.61 allows a remote attacker to escalate privileges via a crafted script to the serverName_input parameter. | 9.6 |
2024-02-08 | CVE-2024-24018 | SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior versions. | 9.8 |
2024-02-08 | CVE-2024-24023 | SQL Injection vulnerability in Xxyopen Novel-Plus A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. | 9.8 |
2024-02-08 | CVE-2024-24024 | Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus An arbitrary File download vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: fileDownload(). | 9.8 |
2024-02-08 | CVE-2024-24025 | Unrestricted Upload of File with Dangerous Type vulnerability in Xxyopen Novel-Plus An arbitrary File upload vulnerability exists in Novel-Plus v4.3.0-RC1 and prior at com.java2nb.common.controller.FileController: upload(). | 9.8 |