Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-18 | CVE-2024-49241 | Cross-site Scripting vulnerability in Tadywalsh Tito Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tady Walsh Tito allows DOM-Based XSS.This issue affects Tito: from n/a through 2.3. | 5.4 |
| 2024-10-18 | CVE-2024-49243 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Jonvincentmendoza Dynamic Elementor Addons Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a through 1.0.0. | 8.8 |
| 2024-10-18 | CVE-2024-9425 | Cross-site Scripting vulnerability in Sajjadhsagor Advanced Category and Custom Taxonomy Image The Advanced Category and Custom Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ad_tax_image shortcode in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2024-10-18 | CVE-2023-49570 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been identified in Bitdefender Total Security HTTPS scanning functionality where the software trusts a certificate issued by an entity that isn't authorized to issue certificates. | 7.4 |
| 2024-10-18 | CVE-2024-47485 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Hikvision Hikcentral Master There is a CSV injection vulnerability in some HikCentral Master Lite versions. | 9.8 |
| 2024-10-18 | CVE-2024-47486 | Cross-site Scripting vulnerability in Hikvision Hikcentral Master There is an XSS vulnerability in some HikCentral Master Lite versions. | 6.1 |
| 2024-10-18 | CVE-2024-47487 | SQL Injection vulnerability in Hikvision Hikcentral Professional 2.0.0/2.5.1 There is a SQL injection vulnerability in some HikCentral Professional versions. | 8.8 |
| 2024-10-18 | CVE-2024-4739 | Unspecified vulnerability in Moxa Mxsecurity 1.0/1.0.1/1.1.0 The lack of access restriction to a resource from unauthorized users makes MXsecurity software versions v1.1.0 and prior vulnerable. | 7.5 |
| 2024-10-18 | CVE-2024-4740 | Use of Hard-coded Credentials vulnerability in Moxa Mxsecurity 1.0/1.0.1 MXsecurity software versions v1.1.0 and prior are vulnerable because of the use of hard-coded credentials. | 7.5 |
| 2024-10-18 | CVE-2023-49567 | Improper Certificate Validation vulnerability in Bitdefender Total Security A vulnerability has been identified in the Bitdefender Total Security HTTPS scanning functionality where the product incorrectly checks the site's certificate, which allows an attacker to make MITM SSL connections to an arbitrary site. | 6.8 |