Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-24 | CVE-2024-9865 | Cross-site Scripting vulnerability in Metagauss Eventprime The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ep_booking_attendee_fields’ fields in all versions up to, and including, 4.0.4.7 due to insufficient input sanitization and output escaping. | 6.1 |
2024-10-24 | CVE-2024-9374 | The Terms descriptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.4.6. network low complexity | 6.1 |
2024-10-23 | CVE-2023-50355 | Information Exposure Through an Error Message vulnerability in Hcltech Sametime 11.6/12.0/12.0.2 HCL Sametime is impacted by the error messages containing sensitive information. | 5.3 |
2024-10-23 | CVE-2024-48213 | Path Traversal vulnerability in Rockoa Xinhu 2.6.5 RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php. | 4.3 |
2024-10-23 | CVE-2024-10300 | SQL Injection vulnerability in PHPgurukul Medical Card Generation System 1.0 A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. | 7.2 |
2024-10-23 | CVE-2024-10301 | SQL Injection vulnerability in PHPgurukul Medical Card Generation System 1.0 A vulnerability, which was classified as critical, was found in PHPGurukul Medical Card Generation System 1.0. | 7.2 |
2024-10-23 | CVE-2024-10298 | SQL Injection vulnerability in PHPgurukul Medical Card Generation System 1.0 A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. | 7.2 |
2024-10-23 | CVE-2024-10299 | SQL Injection vulnerability in PHPgurukul Medical Card Generation System 1.0 A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. | 7.2 |
2024-10-23 | CVE-2024-48963 | OS Command Injection vulnerability in Snyk CLI The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted PHP project. | 9.8 |
2024-10-23 | CVE-2024-48964 | Code Injection vulnerability in Snyk CLI The package Snyk CLI before 1.1294.0 is vulnerable to Code Injection when scanning an untrusted Gradle project. | 8.8 |