Latest CVE Feed
-
6.5
MEDIUMCVE-2024-51605
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Genoo, LLC Genoo allows DOM-Based XSS.This issue affects Genoo: from n/a through 6.0.10.... Read more
Affected Products : genoo- Published: Nov. 09, 2024
- Modified: Nov. 15, 2024
-
6.1
MEDIUMCVE-2024-47067
AList is a file list program that supports multiple storages. AList contains a reflected cross-site scripting vulnerability in helper.go. The endpoint /i/:link_name takes in a user-provided value and reflects it back in the response. The endpoint returns ... Read more
Affected Products : alist- Published: Sep. 30, 2024
- Modified: Nov. 15, 2024
-
6.5
MEDIUMCVE-2024-51603
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mircea N. NMR Strava activities allows DOM-Based XSS.This issue affects NMR Strava activities: from n/a through 1.0.6.... Read more
Affected Products : nmr_strava_activities- Published: Nov. 09, 2024
- Modified: Nov. 15, 2024
-
6.5
MEDIUMCVE-2024-51604
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Carlo Andro Mabugay Media Modal allows DOM-Based XSS.This issue affects Media Modal: from n/a through 1.0.2.... Read more
Affected Products : media_modal- Published: Nov. 09, 2024
- Modified: Nov. 15, 2024
-
6.5
MEDIUMCVE-2024-52358
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cyberchimps Responsive Addons for Elementor allows DOM-Based XSS.This issue affects Responsive Addons for Elementor: from n/a through 1.5.4.... Read more
Affected Products : responsive_addons_for_elementor- Published: Nov. 11, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.5
HIGHCVE-2024-51882
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ehues Gboy Custom Google Map allows Blind SQL Injection.This issue affects Gboy Custom Google Map: from n/a through 1.2.... Read more
Affected Products : gboy_custom_google_map- Published: Nov. 11, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
7.8
HIGHCVE-2024-49043
Microsoft.SqlServer.XEvent.Configuration.dll Remote Code Execution Vulnerability... Read more
Affected Products : sql_server sql_server sql_server_2016 sql_server_2017 sql_server_2019 sql_server_2022- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
6.5
MEDIUMCVE-2024-52356
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Webangon The Pack Elementor addons allows Stored XSS.This issue affects The Pack Elementor addons: from n/a through 2.1.0.... Read more
Affected Products : the_pack_elementor_addons- Published: Nov. 11, 2024
- Modified: Nov. 15, 2024
-
7.8
HIGHCVE-2024-49021
Microsoft SQL Server Remote Code Execution Vulnerability... Read more
Affected Products : sql_server sql_server sql_server_2016 sql_server_2017 sql_server_2019 sql_server_2022- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
6.5
MEDIUMCVE-2024-52357
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LIQUID DESIGN Ltd. LIQUID BLOCKS allows Stored XSS.This issue affects LIQUID BLOCKS: from n/a through 1.2.0.... Read more
Affected Products : liquid_blocks- Published: Nov. 11, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024
-
8.8
HIGH- Published: Nov. 12, 2024
- Modified: Nov. 15, 2024