Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-09 | CVE-2024-45203 | Unspecified vulnerability in Istyle @Cosme Improper authorization in handler for custom URL scheme issue in "@cosme" App for Android versions prior 5.69.0 and "@cosme" App for iOS versions prior to 6.74.0 allows an attacker to lead a user to access an arbitrary website via the vulnerable App. | 4.3 |
2024-09-09 | CVE-2024-45625 | Cross-site Scripting vulnerability in Incsub Forminator Cross-site scripting vulnerability exists in Forminator versions prior to 1.34.1. | 6.1 |
2024-09-09 | CVE-2024-8585 | Path Traversal vulnerability in Learningdigital Orca HCM Orca HCM from LEARNING DIGITA does not properly restrict a specific parameter of the file download functionality, allowing a remote attacker with regular privileges to download arbitrary system files. | 6.5 |
2024-09-09 | CVE-2024-8586 | Open Redirect vulnerability in Uniong Webitr WebITR from Uniong has an Open Redirect vulnerability, which allows unauthorized remote attackers to exploit this vulnerability to forge URLs. | 6.1 |
2024-09-08 | CVE-2024-8582 | Cross-site Scripting vulnerability in Oretnom23 Food Ordering Management System 1.0 A vulnerability was found in SourceCodester Food Ordering Management System 1.0 and classified as problematic. | 6.1 |
2024-09-08 | CVE-2024-8583 | Cross-site Scripting vulnerability in Oretnom23 Online Bank Management System 1.0 A vulnerability was found in SourceCodester Online Bank Management System and Online Bank Management System - 1.0. | 5.4 |
2024-09-08 | CVE-2024-42341 | Open Redirect vulnerability in Loway Queuemetrics 22.11.6/23.09/24.05 Loway - CWE-601: URL Redirection to Untrusted Site ('Open Redirect') | 6.1 |
2024-09-08 | CVE-2024-42342 | HTTP Request Smuggling vulnerability in Loway Queuemetrics 22.11.6/23.09/24.05 Loway - CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') | 4.3 |
2024-09-08 | CVE-2024-8571 | Information Exposure Through an Error Message vulnerability in Erjemin Roll CMS A vulnerability was found in erjemin roll_cms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. | 5.3 |
2024-09-08 | CVE-2024-8572 | Cross-site Scripting vulnerability in Gouniverse Golang CMS A vulnerability was found in Gouniverse GoLang CMS 1.4.0. | 6.1 |