Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-19 | CVE-2024-46382 | SQL Injection vulnerability in Linlinjava Litemall 1.8.0 A SQL injection vulnerability in linlinjava litemall 1.8.0 allows a remote attacker to obtain sensitive information via the goodsId, goodsSn, and name parameters in AdminGoodscontroller.java. | 7.5 |
| 2024-09-19 | CVE-2024-45769 | A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash. local low complexity | 5.5 |
| 2024-09-19 | CVE-2024-45770 | A vulnerability was found in Performance Co-Pilot (PCP). | 4.4 |
| 2024-09-19 | CVE-2024-47087 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD Geo due to improper validation of the certain parameters (Client ID, DPID or BOID) in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47088 | Improper Restriction of Excessive Authentication Attempts vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD Geo due to missing restrictions for excessive failed authentication attempts on its API based login. | 9.8 |
| 2024-09-19 | CVE-2024-47089 | Improper Validation of Integrity Check Value vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47085 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD DP Back Office due to improper validation of certain parameters (cCdslClicentcode and cLdClientCode) in the API endpoint. | 6.5 |
| 2024-09-19 | CVE-2024-47086 | Unspecified vulnerability in Apexsoftcell LD DP Back Office and LD GEO This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. | 6.5 |
| 2024-09-19 | CVE-2022-4533 | Insufficient Verification of Data Authenticity vulnerability in Felixmoira Limit Login Attempts Plus The Limit Login Attempts Plus plugin for WordPress is vulnerable to IP Address Spoofing in versions up to, and including, 1.1.0. | 5.3 |
| 2024-09-19 | CVE-2024-8364 | Cross-site Scripting vulnerability in Webhammer WP Custom Fields Search The WP Custom Fields Search plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpcfs-preset shortcode in all versions up to, and including, 1.2.35 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |