Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-28 | CVE-2024-50488 | Missing Authentication for Critical Function vulnerability in Priyabratasarkar Token Login Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass.This issue affects Token Login: from n/a through 1.0.3. | 8.8 |
| 2024-10-28 | CVE-2024-50491 | SQL Injection vulnerability in Micahblu Rsvp ME Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Micah Blu RSVP ME allows SQL Injection.This issue affects RSVP ME: from n/a through 1.9.9. | 9.8 |
| 2024-10-28 | CVE-2024-50497 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Buynowdepot Advanced Online Ordering and Delivery Platform Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in BuyNowDepot Advanced Online Ordering and Delivery Platform allows PHP Local File Inclusion.This issue affects Advanced Online Ordering and Delivery Platform: from n/a through 2.0.0. | 9.8 |
| 2024-10-28 | CVE-2024-50501 | Cross-site Scripting vulnerability in Climaxthemes Kata Plus Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Climax Themes Kata Plus allows Stored XSS.This issue affects Kata Plus: from n/a through 1.4.7. | 5.4 |
| 2024-10-28 | CVE-2024-50502 | Cross-site Scripting vulnerability in Cozythemes Cozy Blocks Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.18. | 5.4 |
| 2024-10-28 | CVE-2024-50573 | Missing Authorization vulnerability in Jetbrains HUB In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services | 5.4 |
| 2024-10-28 | CVE-2024-50574 | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality | 7.5 |
| 2024-10-28 | CVE-2024-50575 | Cross-site Scripting vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API | 6.1 |
| 2024-10-28 | CVE-2024-50576 | Cross-site Scripting vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest | 5.4 |
| 2024-10-28 | CVE-2024-50577 | Cross-site Scripting vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings | 5.4 |