Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-05 | CVE-2023-29119 | SQL Injection vulnerability in Enelx Waybox PRO Firmware Waybox Enel X web management application could execute arbitrary requests on the internal database via /admin/dbstore.php. | 8.8 |
| 2024-11-05 | CVE-2023-29120 | OS Command Injection vulnerability in Enelx Waybox PRO Firmware Waybox Enel X web management application could be used to execute arbitrary OS commands and provide administrator’s privileges over the Waybox system. | 8.8 |
| 2024-11-05 | CVE-2023-29121 | Unspecified vulnerability in Enelx Waybox PRO Firmware Waybox Enel TCF Agent service could be used to get administrator’s privileges over the Waybox system. low complexity enelx | 8.8 |
| 2024-11-05 | CVE-2023-29125 | Out-of-bounds Write vulnerability in Enelx Waybox PRO Firmware A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700. | 8.0 |
| 2024-11-05 | CVE-2023-29126 | Unspecified vulnerability in Enelx Waybox PRO Firmware The Waybox Enel X web management application contains a PHP-type juggling vulnerability that may allow a brute force process and under certain conditions bypass authentication. low complexity enelx | 8.8 |
| 2024-11-05 | CVE-2023-29115 | Unspecified vulnerability in Enelx Waybox PRO Firmware In certain conditions a request directed to the Waybox Enel X Web management application could cause a denial-of-service (e.g. low complexity enelx | 6.5 |
| 2024-11-05 | CVE-2024-10844 | SQL Injection vulnerability in Bookstore Management System Project Bookstore Management System 1.0 A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. | 9.8 |
| 2024-11-05 | CVE-2024-10845 | SQL Injection vulnerability in Bookstore Management System Project Bookstore Management System 1.0 A vulnerability has been found in 1000 Projects Bookstore Management System 1.0 and classified as critical. | 9.8 |
| 2024-11-05 | CVE-2024-10329 | Unspecified vulnerability in G5Plus Ultimate Bootstrap Elements for Elementor The Ultimate Bootstrap Elements for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the 'ube_get_page_templates' function. | 4.3 |
| 2024-11-05 | CVE-2024-10841 | SQL Injection vulnerability in Romadebrian Web-Sekolah 1.0 A vulnerability classified as critical was found in romadebrian WEB-Sekolah 1.0. | 8.0 |