Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-28 CVE-2024-45802 Unspecified vulnerability in Squid-Cache Squid
Squid is an open source caching proxy for the Web supporting HTTP, HTTPS, FTP, and more.
network
low complexity
squid-cache
7.5
2024-10-28 CVE-2024-49761 Unspecified vulnerability in Ruby-Lang Rexml
REXML is an XML toolkit for Ruby.
network
low complexity
ruby-lang
7.5
2024-10-28 CVE-2024-10447 SQL Injection vulnerability in Projectworlds Online Time Table Generator 1.0
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0.
network
low complexity
projectworlds CWE-89
8.8
2024-10-28 CVE-2024-50488 Missing Authentication for Critical Function vulnerability in Priyabratasarkar Token Login
Authentication Bypass Using an Alternate Path or Channel vulnerability in Priyabrata Sarkar Token Login allows Authentication Bypass.This issue affects Token Login: from n/a through 1.0.3.
network
low complexity
priyabratasarkar CWE-306
8.8
2024-10-28 CVE-2024-50574 Unspecified vulnerability in Jetbrains Youtrack
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality
network
low complexity
jetbrains
7.5
2024-10-28 CVE-2024-10446 SQL Injection vulnerability in Projectworlds Online Time Table Generator 1.0
A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0.
network
low complexity
projectworlds CWE-89
7.2
2024-10-28 CVE-2024-50408 Deserialization of Untrusted Data vulnerability in Kibokolabs Namaste! LMS
Deserialization of Untrusted Data vulnerability in Kiboko Labs Namaste! LMS allows Object Injection.This issue affects Namaste! LMS: from n/a through 2.6.3.
network
low complexity
kibokolabs CWE-502
8.8
2024-10-28 CVE-2024-50416 Deserialization of Untrusted Data vulnerability in Wpclever WPC Shop AS a Customer for Woocommerce
Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for WooCommerce allows Object Injection.This issue affects WPC Shop as a Customer for WooCommerce: from n/a through 1.2.6.
network
low complexity
wpclever CWE-502
8.8
2024-10-28 CVE-2024-50442 XXE vulnerability in Royal-Elementor-Addons Royal Elementor Addons
Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through 1.3.980.
network
low complexity
royal-elementor-addons CWE-611
7.2
2024-10-28 CVE-2024-9162 The All-in-One WP Migration and Backup plugin for WordPress is vulnerable to arbitrary PHP Code Injection due to missing file type validation during the export in all versions up to, and including, 7.86.
network
low complexity
CWE-94
7.2