CVE List - 2024 / January

Showing 1201 - 1300 of 2591 CVEs for January 2024 (Page 13 of 26)

Back to List Previous Next

CVE ID	Date	Title
CVE-2023-46942	2024-01-13	Lack of authentication in NPM's package @evershop/evershop before version 1.0.0-rc.8,...
CVE-2023-50072	2024-01-13	A Stored Cross-Site Scripting (XSS) vulnerability exists in OpenKM version...
CVE-2023-51063	2024-01-13	QStar Archive Solutions Release RELEASE_3-0 Build 7 Patch 0 was...
CVE-2023-51066	2024-01-13	An authenticated remote code execution vulnerability in QStar Archive Solutions...
CVE-2023-51068	2024-01-13	An authenticated reflected cross-site scripting (XSS) vulnerability in QStar Archive...
CVE-2023-51071	2024-01-13	An access control issue in QStar Archive Solutions Release RELEASE_3-0...
CVE-2023-51804	2024-01-13	An issue in rymcu forest v.0.02 allows a remote attacker...
CVE-2024-0475	2024-01-13	code-projects Dormitory Management System modifyuser.php sql injection
CVE-2024-0476	2024-01-13	Blood Bank & Donor Management request-received-bydonar.php cross site scripting
CVE-2024-0477	2024-01-13	code-projects Fighting Cock Information System update-deworm.php sql injection
CVE-2024-0478	2024-01-13	code-projects Fighting Cock Information System edit_chicken.php sql injection
CVE-2024-0479	2024-01-13	Taokeyun HTTP POST Request User.php login sql injection
CVE-2024-0480	2024-01-13	Taokeyun HTTP POST Request Drs.php index sql injection
CVE-2024-0251	2024-01-13	The Advanced Woo Search plugin for WordPress is vulnerable to...
CVE-2024-21640	2024-01-13	OOB Access in CefVideoConsumerOSR::OnFrameCaptured
CVE-2024-22209	2024-01-13	XBlock custom auth does not respect JWT Scopes
CVE-2024-0481	2024-01-13	Taokeyun HTTP POST Request Goods.php shopGoods sql injection
CVE-2024-0482	2024-01-13	Taokeyun HTTP POST Request Video.php index sql injection
CVE-2024-0483	2024-01-13	Taokeyun HTTP POST Request Task.php index sql injection
CVE-2024-0484	2024-01-13	code-projects Fighting Cock Information System update_mother.php sql injection
CVE-2024-0485	2024-01-13	code-projects Fighting Cock Information System add_con.php sql injection
CVE-2024-0486	2024-01-13	code-projects Fighting Cock Information System add_con.php sql injection
CVE-2024-0487	2024-01-13	code-projects Fighting Cock Information System delete-vaccine.php sql injection
CVE-2024-0488	2024-01-13	code-projects Fighting Cock Information System new-feed.php sql injection
CVE-2024-0489	2024-01-13	code-projects Fighting Cock Information System edit_chicken.php sql injection
CVE-2024-0490	2024-01-13	Huaxia ERP getAllList information disclosure
CVE-2024-0491	2024-01-13	Huaxia ERP UserController.java password recovery
CVE-2024-0492	2024-01-13	Kashipara Billing Software HTTP POST Request buyer_detail_submit.php sql injection
CVE-2024-0493	2024-01-13	Kashipara Billing Software HTTP POST Request submit_delivery_list.php sql injection
CVE-2024-0494	2024-01-13	Kashipara Billing Software HTTP POST Request material_bill.php sql injection
CVE-2024-0495	2024-01-13	Kashipara Billing Software HTTP POST Request party_submit.php sql injection
CVE-2024-0496	2024-01-13	Kashipara Billing Software HTTP POST Request item_list_edit.php sql injection
CVE-2024-0497	2024-01-13	Campcodes Student Information System sql injection
CVE-2024-0498	2024-01-13	Project Worlds Lawyer Management System searchLawyer.php sql injection
CVE-2024-0499	2024-01-13	SourceCodester House Rental Management System index.php cross site scripting
CVE-2024-0500	2024-01-13	SourceCodester House Rental Management System Manage Tenant Details cross site scripting
CVE-2024-0501	2024-01-13	SourceCodester House Rental Management System Manage Invoice Details cross site scripting
CVE-2024-0502	2024-01-13	SourceCodester House Rental Management System Edit User manage_user.php sql injection
CVE-2024-0503	2024-01-13	code-projects Online FIR System registercomplaint.php cross site scripting
CVE-2024-0504	2024-01-13	code-projects Simple Online Hotel Reservation System Make a Reservation Page add_reserve.php cross site scripting
CVE-2024-0505	2024-01-13	ZhongFuCheng3y Austin Upload Material Menu MaterialController.java getFile unrestricted upload
CVE-2024-0510	2024-01-13	HaoKeKeJi YiQiNiu Api.php http_post server-side request forgery
CVE-2024-0522	2024-01-14	Allegro RomPager HTTP POST Request cross-site request forgery
CVE-2024-0523	2024-01-14	CmsEasy language_admin.php getslide_child_action sql injection
CVE-2024-0524	2024-01-14	CXBSoft Url-shorting index.php sql injection
CVE-2024-0525	2024-01-14	CXBSoft Url-shorting HTTP POST Request long_s_short.php sql injection
CVE-2020-36770	2024-01-15	pkg_postinst in the Gentoo ebuild for Slurm through 22.05.3 unnecessarily...
CVE-2024-0526	2024-01-15	CXBSoft Url-shorting HTTP POST Request short_to_long.php sql injection
CVE-2024-0527	2024-01-15	CXBSoft Url-shorting HTTP POST Request update_go.php sql injection
CVE-2024-0528	2024-01-15	CXBSoft Post-Office HTTP POST Request update_go.php sql injection
CVE-2024-0529	2024-01-15	CXBSoft Post-Office HTTP POST Request login_auth.php sql injection
CVE-2024-0530	2024-01-15	CXBSoft Post-Office HTTP POST Request reg_go.php sql injection
CVE-2024-0531	2024-01-15	Tenda A15 Web-based Management Interface setBlackRule stack-based overflow
CVE-2024-0532	2024-01-15	Tenda A15 Web-based Management Interface WifiExtraSet set_repeat5 stack-based overflow
CVE-2024-0533	2024-01-15	Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflow
CVE-2024-0534	2024-01-15	Tenda A15 Web-based Management Interface SetOnlineDevName stack-based overflow
CVE-2023-48383	2024-01-15	NetVision Information airPASS - Path Traversal
CVE-2024-0535	2024-01-15	Tenda PA6 httpd portmap cgiPortMapAdd stack-based overflow
CVE-2024-0536	2024-01-15	Tenda W9 httpd setWrlAccessList stack-based overflow
CVE-2024-0537	2024-01-15	Tenda W9 httpd setWrlBasicInfo stack-based overflow
CVE-2024-0538	2024-01-15	Tenda W9 httpd formQosManage_auto stack-based overflow
CVE-2024-0552	2024-01-15	Intumit inc. SmartRobot - Remote Code Execution
CVE-2024-0539	2024-01-15	Tenda W9 httpd formQosManage_user stack-based overflow
CVE-2024-0540	2024-01-15	Tenda W9 httpd formOfflineSet stack-based overflow
CVE-2024-0541	2024-01-15	Tenda W9 httpd formAddSysLogRule stack-based overflow
CVE-2024-0542	2024-01-15	Tenda W9 httpd formWifiMacFilterGet stack-based overflow
CVE-2024-0543	2024-01-15	CodeAstro Real Estate Management System propertydetail.php sql injection
CVE-2024-0545	2024-01-15	CodeCanyon RISE Ultimate Project Manager signin redirect
CVE-2024-0546	2024-01-15	EasyFTP LIST Command denial of service
CVE-2024-0547	2024-01-15	Ability FTP Server APPE Command denial of service
CVE-2024-0548	2024-01-15	FreeFloat FTP Server SIZE Command denial of service
CVE-2024-22028	2024-01-15	Insufficient technical documentation issue exists in thermal camera TMC series...
CVE-2023-6915	2024-01-15	Kernel: null pointer dereference vulnerability in ida_free in lib/idr.c
CVE-2023-50290	2024-01-15	Apache Solr: Host environment variables are published via the Metrics API
CVE-2023-46749	2024-01-15	Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting
CVE-2023-46226	2024-01-15	Apache IoTDB: Remote Code Execution (RCE) risk via the UDF
CVE-2023-5253	2024-01-15	Check Point IoT integration: WebSocket returns assets data without authentication in Guardian/CMC before 23.3.0
CVE-2023-4001	2024-01-15	Grub2: bypass the grub password protection feature
CVE-2024-20721	2024-01-15	T5 Acrobat JS vulnerability - Exploitable crash via t5::javascript::get_page_num_words
CVE-2024-20709	2024-01-15	New Edge T5 MSRC Case [DCMSFT-1081]
CVE-2023-4818	2024-01-15	PAX A920 device allows to downgrade bootloader due to a...
CVE-2023-42134	2024-01-15	PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.45_20230314 or earlier can...
CVE-2023-42135	2024-01-15	PAX A920Pro/A50 devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow local...
CVE-2023-42136	2024-01-15	PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can...
CVE-2023-42137	2024-01-15	PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can...
CVE-2023-6941	2024-01-15	Keap Official Opt-in Forms <= 1.0.11 - Admin+ Stored XSS
CVE-2023-6049	2024-01-15	Estatik Real Estate Plugin < 4.1.1 - Unauthenticated PHP Object Injection
CVE-2023-6029	2024-01-15	EazyDocs < 2.3.6 - Unauthenticated Arbitrary Posts Deletion and Document Management
CVE-2023-6843	2024-01-15	easy.jobs < 2.4.7 - Subscriber+ Arbitrary Settings Update
CVE-2023-6623	2024-01-15	Essential Blocks < 4.4.3 - Unauthenticated Local File Inclusion
CVE-2023-6048	2024-01-15	Estatik Real Estate Plugin < 4.1.1 - Subscriber+ Arbitrary Option Update
CVE-2023-6163	2024-01-15	WP Crowdfunding < 2.1.10 - Admin+ Stored XSS
CVE-2023-6620	2024-01-15	Post SMTP < 2.8.7 - Admin+ SQL Injection
CVE-2023-6991	2024-01-15	JSM file_get_contents() Shortcode < 2.7.1 - Contributor+ SSRF
CVE-2023-6050	2024-01-15	Estatik Real Estate Plugin < 4.1.1 - Reflected XSS
CVE-2023-6066	2024-01-15	WP Custom Widget Area <= 1.2.5 - Subscriber+ Menus Creation/Deletion/Update
CVE-2023-5905	2024-01-15	DeMomentSomTres WordPress Export Posts With Images <= 20220825 - Subscriber+ unauthorized data export
CVE-2023-4925	2024-01-15	Easy Forms for Mailchimp <= 6.8.10 - Admin+ Stored Cross-Site Scripting
CVE-2024-22207	2024-01-15	Default swagger-ui configuration exposes all files in the module
CVE-2023-50729	2024-01-15	An unrestricted file upload vulnerability in traccar leads to RCE