Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-04 | CVE-2024-50528 | Unspecified vulnerability in Stacksmarket Stacks Mobile APP Builder Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stacks Stacks Mobile App Builder allows Retrieve Embedded Sensitive Data.This issue affects Stacks Mobile App Builder: from n/a through 5.2.3. | 7.5 |
| 2024-11-04 | CVE-2024-50529 | Unrestricted Upload of File with Dangerous Type vulnerability in Rudrainnovative Training - Courses Unrestricted Upload of File with Dangerous Type vulnerability in Rudra Innnovative Software Training – Courses allows Upload a Web Shell to a Web Server.This issue affects Training – Courses: from n/a through 2.0.1. | 8.8 |
| 2024-11-04 | CVE-2024-50530 | Unrestricted Upload of File with Dangerous Type vulnerability in Myriadsolutionz Stars Smtp Mailer Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP Mailer allows Upload a Web Shell to a Web Server.This issue affects Stars SMTP Mailer: from n/a through 1.7. | 8.8 |
| 2024-11-04 | CVE-2024-50531 | Unrestricted Upload of File with Dangerous Type vulnerability in Carrcommunications Rsvpmaker Unrestricted Upload of File with Dangerous Type vulnerability in David F. | 9.8 |
| 2024-11-04 | CVE-2024-51408 | Server-Side Request Forgery (SSRF) vulnerability in Appsmith AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to retrieve AWS metadata credentials. | 6.5 |
| 2024-11-04 | CVE-2024-51582 | Path Traversal vulnerability in Thimpress WP Hotel Booking Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File Inclusion.This issue affects WP Hotel Booking: from n/a through 2.1.4. | 8.8 |
| 2024-11-04 | CVE-2024-51665 | Server-Side Request Forgery (SSRF) vulnerability in Wpthemespace Magical Addons for Elementor Server-Side Request Forgery (SSRF) vulnerability in Noor alam Magical Addons For Elementor allows Server Side Request Forgery.This issue affects Magical Addons For Elementor: from n/a through 1.2.1. | 4.3 |
| 2024-11-04 | CVE-2024-51672 | SQL Injection vulnerability in Wpdeveloper Betterlinks Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPDeveloper BetterLinks allows SQL Injection.This issue affects BetterLinks: from n/a through 2.1.7. | 7.2 |
| 2024-11-04 | CVE-2024-51556 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in 63Moons Aero and Wave 2.0 This vulnerability exists in the Wave 2.0 due to insufficient encryption of sensitive data received at the API response. | 6.5 |
| 2024-11-04 | CVE-2024-51557 | Allocation of Resources Without Limits or Throttling vulnerability in 63Moons Aero and Wave 2.0 This vulnerability exists in the Wave 2.0 due to missing rate limiting on OTP requests in an API endpoint. | 6.5 |