Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-09-09 CVE-2024-45203 Unspecified vulnerability in Istyle @Cosme
Improper authorization in handler for custom URL scheme issue in "@cosme" App for Android versions prior to 5.69.0 and "@cosme" App for iOS versions prior to 6.74.0 allows an attacker to lead a user to access an arbitrary website via the vulnerable App.
network
low complexity
istyle
4.3
2024-09-09 CVE-2024-45625 Cross-site Scripting vulnerability in Incsub Forminator
Cross-site scripting vulnerability exists in Forminator versions prior to 1.34.1.
network
low complexity
incsub CWE-79
6.1
2024-09-09 CVE-2024-8585 Path Traversal vulnerability in Learningdigital Orca HCM
Orca HCM from LEARNING DIGITAL does not properly restrict a specific parameter of the file download functionality, allowing a remote attacker with regular privileges to download arbitrary system files.
network
low complexity
learningdigital CWE-22
6.5
2024-09-09 CVE-2024-8586 Open Redirect vulnerability in Uniong Webitr
WebITR from Uniong has an Open Redirect vulnerability, which allows unauthorized remote attackers to exploit this vulnerability to forge URLs.
network
low complexity
uniong CWE-601
6.1
2024-09-08 CVE-2024-8582 Cross-site Scripting vulnerability in Oretnom23 Food Ordering Management System 1.0
A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as problematic.
network
low complexity
oretnom23 CWE-79
6.1
2024-09-08 CVE-2024-8583 Cross-site Scripting vulnerability in Oretnom23 Online Bank Management System 1.0
A vulnerability was found in SourceCodester Online Bank Management System and Online Bank Management System - 1.0.
network
low complexity
oretnom23 CWE-79
5.4
2024-09-08 CVE-2024-42341 Open Redirect vulnerability in Loway Queuemetrics 22.11.6/23.09/24.05
Loway - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
network
low complexity
loway CWE-601
6.1
2024-09-08 CVE-2024-42342 HTTP Request Smuggling vulnerability in Loway Queuemetrics 22.11.6/23.09/24.05
Loway - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
network
low complexity
loway CWE-444
4.3
2024-09-08 CVE-2024-8571 Information Exposure Through an Error Message vulnerability in Erjemin Roll CMS
A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9.
network
low complexity
erjemin CWE-209
5.3
2024-09-08 CVE-2024-8572 Cross-site Scripting vulnerability in Gouniverse Golang CMS
A vulnerability was found in Gouniverse GoLang CMS 1.4.0.
network
low complexity
gouniverse CWE-79
6.1