Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-10-22 CVE-2024-45518 Server-Side Request Forgery (SSRF) vulnerability in Zimbra Collaboration
An issue was discovered in Zimbra Collaboration (ZCS) 10.1.x before 10.1.1, 10.0.x before 10.0.9, 9.0.0 before Patch 41, and 8.8.15 before Patch 46.
network | low complexity | zimbra CWE-918 | 8.8

2024-10-22 CVE-2024-46538 Cross-site Scripting vulnerability in Netgate Pfsense 2.5.2
A cross-site scripting (XSS) vulnerability in pfsense v2.5.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $pconfig variable at interfaces_groups_edit.php.
network | low complexity | netgate CWE-79 | 4.8

2024-10-22 CVE-2024-48570 SQL Injection vulnerability in PHPgurukul Client Management System 1.0
Client Management System 1.0 was discovered to contain a SQL injection vulnerability via the Between Dates Reports parameter at /admin/bwdates-reports-ds.php.
network | low complexity | phpgurukul CWE-89 | 7.5

2024-10-22 CVE-2024-48706 Cross-site Scripting vulnerability in O-Dyn Collabtive 3.1
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the title parameter with action=add or action=editform within the (a) managemessage.php file and (b) managetask.php file respectively.
network | low complexity | o-dyn CWE-79 | 5.4

2024-10-22 CVE-2024-48707 Cross-site Scripting vulnerability in O-Dyn Collabtive 3.1
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under (a) action=add or action=edit within managemilestone.php file and (b) action=addpro within admin.php file.
network | low complexity | o-dyn CWE-79 | 5.4

2024-10-22 CVE-2024-48708 Cross-site Scripting vulnerability in O-Dyn Collabtive 3.1
Collabtive 3.1 is vulnerable to Cross-Site Scripting (XSS) via the name parameter in (a) file tasklist.php under action = add/edit and in (b) file admin.php under action = adduser/edituser.
network | low complexity | o-dyn CWE-79 | 5.4

2024-10-22 CVE-2024-49208 Incorrect Authorization vulnerability in Archerirm Archer 2024.03/2024.04/2024.06
Archer Platform 2024.03 before version 2024.08 is affected by an authorization bypass vulnerability related to supporting application files.
network | high complexity | archerirm CWE-863 | 3.1

2024-10-22 CVE-2024-49209 Incorrect Authorization vulnerability in Archerirm Archer 2024.03/2024.04/2024.06
Archer Platform 2024.03 before version 2024.09 is affected by an API authorization bypass vulnerability related to supporting application files.
network | low complexity | archerirm CWE-863 | 4.3

2024-10-22 CVE-2024-49210 Cross-site Scripting vulnerability in Archerirm Archer
Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09.
network | low complexity | archerirm CWE-79 | 6.1

2024-10-22 CVE-2024-49211 Cross-site Scripting vulnerability in Archerirm Archer
Reflected XSS was discovered in a Dashboard Listing Archer Platform UX page in Archer Platform 6.x before version 2024.08.
network | low complexity | archerirm CWE-79 | 6.1