Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-31 | CVE-2024-9708 | Cross-site Scripting vulnerability in Delowerhossain Easy SVG Upload The Easy SVG Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. | 5.4 |
| 2024-10-31 | CVE-2024-10544 | The Woo Manage Fraud Orders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.1.7 through publicly exposed log files. | 5.3 |
| 2024-10-31 | CVE-2024-10559 | Classic Buffer Overflow vulnerability in Razormist Airport Booking Management System 1.0 A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. | 7.8 |
| 2024-10-31 | CVE-2024-10561 | SQL Injection vulnerability in Codezips PET Shop Management System 1.0 A vulnerability was found in Codezips Pet Shop Management System 1.0. | 9.8 |
| 2024-10-31 | CVE-2024-10556 | SQL Injection vulnerability in Codezips PET Shop Management System 1.0 A vulnerability, which was classified as critical, was found in Codezips Pet Shop Management System 1.0. | 9.8 |
| 2024-10-31 | CVE-2024-10557 | Cross-Site Request Forgery (CSRF) vulnerability in Fabianros Blood Bank Management System 1.0 A vulnerability has been found in code-projects Blood Bank Management System 1.0 and classified as problematic. | 6.5 |
| 2024-10-30 | CVE-2024-10005 | Path Traversal vulnerability in Hashicorp Consul A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using URL paths in L7 traffic intentions could bypass HTTP request path-based access rules. | 5.8 |
| 2024-10-30 | CVE-2024-10006 | Improper Encoding or Escaping of Output vulnerability in Hashicorp Consul A vulnerability was identified in Consul and Consul Enterprise (“Consul”) such that using Headers in L7 traffic intentions could bypass HTTP header based access rules. | 5.8 |
| 2024-10-30 | CVE-2024-10086 | Cross-site Scripting vulnerability in Hashicorp Consul A vulnerability was identified in Consul and Consul Enterprise such that the server response did not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and lead to reflected XSS. | 6.1 |
| 2024-10-30 | CVE-2024-9110 | Cross-site Scripting vulnerability in Beyondtrust Privileged Identity A medium severity vulnerability has been identified within Privileged Identity which can allow an attacker to perform reflected cross-site scripting attacks. | 6.1 |