Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-14	CVE-2024-48257	SQL Injection vulnerability in Wavelog 1.8.5 Wavelog 1.8.5 allows Oqrs_model.php get_worked_modes station_id SQL injectioin. network low complexity wavelog CWE-89 critical	9.8
2024-10-14	CVE-2024-48119	Cross-site Scripting vulnerability in Vtiger CRM 8.2.0 Vtiger CRM v8.2.0 has a HTML Injection vulnerability in the module parameter. network low complexity vtiger CWE-79	5.4
2024-10-14	CVE-2024-48120	Cross-site Scripting vulnerability in X2Engine X2Crm 8.5 X2CRM v8.5 is vulnerable to a stored Cross-Site Scripting (XSS) in the "Opportunities" module. network low complexity x2engine CWE-79	5.4
2024-10-14	CVE-2024-48253	SQL Injection vulnerability in Magicbug Cloudlog 2.6.15 Cloudlog 2.6.15 allows Oqrs.php delete_oqrs_line id SQL injection. network low complexity magicbug CWE-89 critical	9.8
2024-10-14	CVE-2024-48255	SQL Injection vulnerability in Magicbug Cloudlog 2.6.15 Cloudlog 2.6.15 allows Oqrs.php get_station_info station_id SQL injection. network low complexity magicbug CWE-89 critical	9.8
2024-10-14	CVE-2024-9923	Unspecified vulnerability in Teamplus Team+ PRO The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing remote attackers with administrator privileges to move arbitrary system files to the website root directory and access them. network low complexity teamplus	4.9
2024-10-14	CVE-2024-9924	The fix for CVE-2024-26261 was incomplete, and and the specific package for OAKlouds from Hgiga remains at risk. network low complexity critical	9.8
2024-10-14	CVE-2024-9921	SQL Injection vulnerability in Teamplus Team+ PRO The Team+ from TEAMPLUS TECHNOLOGY does not properly validate specific page parameter, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify and delete database contents. network low complexity teamplus CWE-89 critical	9.8
2024-10-14	CVE-2024-9922	Unspecified vulnerability in Teamplus Team+ PRO The Team+ from TEAMPLUS TECHNOLOGY does not properly validate a specific page parameter, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. network low complexity teamplus	7.5
2024-10-13	CVE-2024-9917	Deserialization of Untrusted Data vulnerability in Usualtool Usualtoolcms 9.0 A vulnerability, which was classified as critical, was found in HuangDou UTCMS V9. network low complexity usualtool CWE-502	4.9

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities