Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-02	CVE-2024-22278	Unspecified vulnerability in Linuxfoundation Harbor Incorrect user permission validation in Harbor <v2.9.5 and Harbor <v2.10.3 allows authenticated users to modify configurations. network low complexity linuxfoundation	4.3
2024-08-01	CVE-2024-39626	Cross-site Scripting vulnerability in 5Starplugins Pretty Simple Popup Builder Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in 5 Star Plugins Pretty Simple Popup Builder allows Stored XSS.This issue affects Pretty Simple Popup Builder: from n/a through 1.0.7. network low complexity 5starplugins CWE-79	4.8
2024-08-01	CVE-2024-39627	Cross-site Scripting vulnerability in Imagely Nextgen Gallery Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Imagely NextGEN Gallery allows Stored XSS.This issue affects NextGEN Gallery: from n/a through 3.59.3. network low complexity imagely CWE-79	4.8
2024-08-01	CVE-2024-39629	Cross-site Scripting vulnerability in Themegrill Himalayas Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeGrill Himalayas allows Stored XSS.This issue affects Himalayas: from n/a through 1.3.2. network low complexity themegrill CWE-79	4.8
2024-08-01	CVE-2024-39631	Cross-site Scripting vulnerability in Contest-Gallery Contest Gallery Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Contest Gallery allows Stored XSS.This issue affects Contest Gallery: from n/a through 23.1.2. network low complexity contest-gallery CWE-79	6.1
2024-08-01	CVE-2024-39643	Cross-site Scripting vulnerability in Metagauss Registrationmagic Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RegistrationMagic Forms RegistrationMagic allows Stored XSS.This issue affects RegistrationMagic: from n/a through 6.0.0.1. network low complexity metagauss CWE-79	6.1
2024-08-01	CVE-2024-39644	Cross-site Scripting vulnerability in Modernaweb Black Widgets for Elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black Widgets For Elementor: from n/a through 1.3.5. network low complexity modernaweb CWE-79	5.4
2024-08-01	CVE-2024-39646	Cross-site Scripting vulnerability in Kunalnagar Custom 404 PRO Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kunal Nagar Custom 404 Pro allows Reflected XSS.This issue affects Custom 404 Pro: from n/a through 3.11.1. network low complexity kunalnagar CWE-79	6.1
2024-08-01	CVE-2024-39647	Cross-site Scripting vulnerability in Kofimokome Message Filter for Contact Form 7 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kofi Mokome Message Filter for Contact Form 7 allows Reflected XSS.This issue affects Message Filter for Contact Form 7: from n/a through 1.6.1.1. network low complexity kofimokome CWE-79	6.1
2024-08-01	CVE-2024-32931	Unspecified vulnerability in Johnsoncontrols Exacqvision web Service 20.06.11.0/20.06.3.0/21.03 Under certain circumstances the exacqVision Web Service can expose authentication token details within communications. network low complexity johnsoncontrols	5.7

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium