Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-11-04 CVE-2024-45164 Incorrect Authorization vulnerability in Akamai Secure Internet Access Enterprise Threatavert 19.2.0.2
Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization Services) before the latest 19.2.0 patch and Apps Portal before 19.2.0.3 or 19.2.0.20240814, has incorrect authorization controls for the Admin functionality on the ThreatAvert Policy page.
network
low complexity
akamai CWE-863
7.1
2024-11-04 CVE-2024-50528 Unspecified vulnerability in Stacksmarket Stacks Mobile APP Builder
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stacks Stacks Mobile App Builder allows Retrieve Embedded Sensitive Data. This issue affects Stacks Mobile App Builder: from n/a through 5.2.3.
network
low complexity
stacksmarket
7.5
2024-11-04 CVE-2024-50529 Unrestricted Upload of File with Dangerous Type vulnerability in Rudrainnovative Training - Courses
Unrestricted Upload of File with Dangerous Type vulnerability in Rudra Innnovative Software Training – Courses allows Upload a Web Shell to a Web Server. This issue affects Training – Courses: from n/a through 2.0.1.
network
low complexity
rudrainnovative CWE-434
8.8
2024-11-04 CVE-2024-50530 Unrestricted Upload of File with Dangerous Type vulnerability in Myriadsolutionz Stars Smtp Mailer
Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Stars SMTP Mailer allows Upload a Web Shell to a Web Server. This issue affects Stars SMTP Mailer: from n/a through 1.7.
network
low complexity
myriadsolutionz CWE-434
8.8
2024-11-04 CVE-2024-51582 Path Traversal vulnerability in Thimpress WP Hotel Booking
Path Traversal: '.../...//' vulnerability in ThimPress WP Hotel Booking allows PHP Local File Inclusion. This issue affects WP Hotel Booking: from n/a through 2.1.4.
network
low complexity
thimpress CWE-22
8.8
2024-11-04 CVE-2024-51672 SQL Injection vulnerability in Wpdeveloper Betterlinks
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPDeveloper BetterLinks allows SQL Injection. This issue affects BetterLinks: from n/a through 2.1.7.
network
low complexity
wpdeveloper CWE-89
7.2
2024-11-04 CVE-2024-51561 Unspecified vulnerability in 63Moons Aero and Wave 2.0
This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in certain API endpoints.
network
low complexity
63moons
7.5
2024-11-04 CVE-2024-36485 SQL Injection vulnerability in Zohocorp Manageengine Adaudit Plus
Zohocorp ManageEngine ADAudit Plus versions below 8121 are vulnerable to SQL Injection in Technician reports option.
network
low complexity
zohocorp CWE-89
8.8
2024-11-04 CVE-2024-48878 SQL Injection vulnerability in Zohocorp Manageengine Admanager Plus
Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report.
network
low complexity
zohocorp CWE-89
8.8
2024-11-04 CVE-2024-51661 OS Command Injection vulnerability in Davidlingren Media Library Assistant
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in David Lingren Media Library Assistant allows Command Injection. This issue affects Media Library Assistant: from n/a through 3.19.
network
low complexity
davidlingren CWE-78
7.2