CVE List - 2024 / March
Showing 1501 - 1600 of 3300 CVEs for March 2024 (Page 16 of 33)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-28640 | 2024-03-16 | Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022... |
| CVE-2024-28069 | 2024-03-16 | A vulnerability in the legacy chat component of Mitel MiContact... |
| CVE-2024-28070 | 2024-03-16 | A vulnerability in the legacy chat component of Mitel MiContact... |
| CVE-2024-28639 | 2024-03-16 | Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022,... |
| CVE-2023-51407 | 2024-03-16 | WordPress Split Test For Elementor plugin <= 1.6.9 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2023-51521 | 2024-03-16 | WordPress Quiz And Survey Master plugin <= 8.1.18 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2023-51512 | 2024-03-16 | WordPress Product Table by WBW plugin <= 1.8.6 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2023-51510 | 2024-03-16 | WordPress Export Media URLs plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2023-51491 | 2024-03-16 | WordPress Depicter Slider plugin <= 2.0.6 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2023-51489 | 2024-03-16 | WordPress Crowdsignal Polls & Ratings plugin <= 3.0.11 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2023-51487 | 2024-03-16 | WordPress ARI Stream Quiz – WordPress Quizzes Builder plugin <= 1.2.32 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2023-51486 | 2024-03-16 | WordPress WooCommerce PDF Invoice Builder, Create invoices, packing slips and more plugin <= 1.2.101 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2023-51474 | 2024-03-16 | WordPress TerraClassifieds plugin <= 2.0.3 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability |
| CVE-2024-27197 | 2024-03-16 | WordPress BeePress plugin <= 6.9.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27195 | 2024-03-16 | WordPress Watermark RELOADED plugin <= 1.3.5 - CSRF to XSS vulnerability |
| CVE-2024-27194 | 2024-03-16 | WordPress Fontific plugin <= 0.1.6 - CSRF to XSS vulnerability |
| CVE-2024-2308 | 2024-03-16 | The ElementInvader Addons for Elementor plugin for WordPress is vulnerable... |
| CVE-2024-2294 | 2024-03-16 | The Backuply – Backup, Restore, Migrate and Clone plugin for... |
| CVE-2024-1239 | 2024-03-16 | The ElementsKit Elementor addons plugin for WordPress is vulnerable to... |
| CVE-2024-2042 | 2024-03-16 | The ElementsKit Elementor addons plugin for WordPress is vulnerable to... |
| CVE-2023-6525 | 2024-03-16 | The ElementsKit Elementor addons plugin for WordPress is vulnerable to... |
| CVE-2024-23523 | 2024-03-16 | WordPress Elementor Pro plugin <= 3.19.2 - Contributor+ Arbitrary User Meta Data Retrieval vulnerability |
| CVE-2024-24845 | 2024-03-16 | WordPress Post Thumbnail Editor plugin <= 2.4.8 - Unauthenticated Sensitive Data Exposure vulnerability |
| CVE-2024-22259 | 2024-03-16 | CVE-2024-22259: Spring Framework URL Parsing with Host Validation (2nd report) |
| CVE-2024-1733 | 2024-03-16 | The Word Replacer Pro plugin for WordPress is vulnerable to... |
| CVE-2024-1685 | 2024-03-16 | The Social Media Share Buttons plugin for WordPress is vulnerable... |
| CVE-2024-1857 | 2024-03-16 | The Ultimate Gift Cards for WooCommerce – Create, Redeem &... |
| CVE-2024-2515 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System home.php cross site scripting |
| CVE-2024-2516 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System home.php sql injection |
| CVE-2024-2517 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System book_history.php sql injection |
| CVE-2024-2518 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System book_history.php cross site scripting |
| CVE-2024-2519 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System navbar.php cross site scripting |
| CVE-2024-2520 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System bookdate.php sql injection |
| CVE-2024-2521 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System bookdate.php cross site scripting |
| CVE-2024-2522 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System booktime.php sql injection |
| CVE-2024-2523 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System booktime.php cross site scripting |
| CVE-2024-2524 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System receipt.php sql injection |
| CVE-2024-2525 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System receipt.php cross site scripting |
| CVE-2024-2526 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System rooms.php cross site scripting |
| CVE-2024-2527 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System rooms.php sql injection |
| CVE-2024-2528 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System update-rooms.php sql injection |
| CVE-2024-2529 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System rooms.php unrestricted upload |
| CVE-2024-2530 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System update-rooms.php cross site scripting |
| CVE-2024-2531 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System update-rooms.php unrestricted upload |
| CVE-2024-2532 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System update-users.php sql injection |
| CVE-2024-2533 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System update-users.php cross site scripting |
| CVE-2024-2534 | 2024-03-16 | MAGESH-K21 Online-College-Event-Hall-Reservation-System users.php sql injection |
| CVE-2024-2535 | 2024-03-17 | MAGESH-K21 Online-College-Event-Hall-Reservation-System users.php cross site scripting |
| CVE-2024-2546 | 2024-03-17 | Tenda AC18 fromSetWirelessRepeat stack-based overflow |
| CVE-2024-2547 | 2024-03-17 | Tenda AC18 R7WebsSecurityHandler stack-based overflow |
| CVE-2024-2553 | 2024-03-17 | SourceCodester Product Review Rating System Rate Product cross site scripting |
| CVE-2024-2554 | 2024-03-17 | SourceCodester Employee Task Management System update-employee.php sql injection |
| CVE-2024-2555 | 2024-03-17 | SourceCodester Employee Task Management System update-admin.php sql injection |
| CVE-2024-2556 | 2024-03-17 | SourceCodester Employee Task Management System attendance-info.php sql injection |
| CVE-2024-2557 | 2024-03-17 | kishor-23 Food Waste Management System admin.php improper authorization |
| CVE-2024-2558 | 2024-03-17 | Tenda AC18 execCommand formexeCommand stack-based overflow |
| CVE-2024-2559 | 2024-03-17 | Tenda AC18 SysToolReboot fromSysToolReboot cross-site request forgery |
| CVE-2024-2560 | 2024-03-17 | Tenda AC18 SysToolRestoreSet fromSysToolRestoreSet cross-site request forgery |
| CVE-2024-2561 | 2024-03-17 | 74CMS Company Logo Index.php#sendCompanyLogo unrestricted upload |
| CVE-2024-2562 | 2024-03-17 | PandaXGO PandaX role_menu.go InsertRole sql injection |
| CVE-2024-2563 | 2024-03-17 | PandaXGO PandaX upload.go DeleteImage path traversal |
| CVE-2024-2564 | 2024-03-17 | PandaXGO PandaX user.go ExportUser path traversal |
| CVE-2024-2565 | 2024-03-17 | PandaXGO PandaX File Extension upload.go unrestricted upload |
| CVE-2024-2566 | 2024-03-17 | Fujian Kelixin Communication Command and Dispatch Platform get_extension_yl.php sql injection |
| CVE-2024-25933 | 2024-03-17 | WordPress PeproDev Ultimate Invoice plugin <= 1.9.7 - Sensitive Data Exposure vulnerability |
| CVE-2024-24867 | 2024-03-17 | WordPress WP Stats Manager plugin <= 6.9.4 - Sensitive Data Exposure vulnerability |
| CVE-2024-25591 | 2024-03-17 | WordPress WP Editor plugin <=1.2.7 - Sensitive Data Exposure vulnerability |
| CVE-2024-25903 | 2024-03-17 | WordPress Frontend File Manager Plugin plugin <= 22.7 - Sensitive Data Exposure vulnerability |
| CVE-2024-27957 | 2024-03-17 | WordPress Pie Register plugin <= 3.8.3.1 - Unauthenticated Arbitrary File Upload vulnerability |
| CVE-2024-27958 | 2024-03-17 | WordPress Visualizer plugin <= 3.10.5 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27959 | 2024-03-17 | WordPress APIExperts Square for WooCommerce plugin <= 4.2.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27960 | 2024-03-17 | WordPress Email Subscription Popup plugin <= 1.2.20 - Cross Site Scripting (XSS) vulnerability |
| CVE-2024-27961 | 2024-03-17 | WordPress AntiSpam for Contact Form 7 plugin <= 0.6.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2024-2567 | 2024-03-17 | jurecapuder AndroidWeatherApp Backup File androidmanifest.xml backup |
| CVE-2024-2568 | 2024-03-17 | heyewei JFinalCMS Custom Data Page sql injection |
| CVE-2024-2569 | 2024-03-17 | SourceCodester Employee Task Management System admin-manage-user.php redirect |
| CVE-2024-23138 | 2024-03-17 | Stack-based Overflow Vulnerability in the TrueViewTM Desktop Software |
| CVE-2024-23139 | 2024-03-17 | ActionScript Byte Code “ABC” Vulnerability in the Autodesk FBX Review software |
| CVE-2021-47154 | 2024-03-18 | The Net::CIDR::Lite module before 0.22 for Perl does not properly... |
| CVE-2021-47155 | 2024-03-18 | The Net::IPV4Addr module 0.10 for Perl does not properly consider... |
| CVE-2021-47157 | 2024-03-18 | The Kossy module before 0.60 for Perl allows JSON hijacking... |
| CVE-2022-47036 | 2024-03-18 | Siklu TG Terragraph devices before approximately 2.1.1 have a hardcoded... |
| CVE-2024-24539 | 2024-03-18 | FusionPBX before 5.2.0 does not validate a session. |
| CVE-2024-25655 | 2024-03-18 | Insecure storage of LDAP passwords in the authentication functionality of... |
| CVE-2024-25656 | 2024-03-18 | Improper input validation in AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS... |
| CVE-2024-25657 | 2024-03-18 | An open redirect in the Login/Logout functionality of web management... |
| CVE-2024-27757 | 2024-03-18 | flusity CMS through 2.45 allows tools/addons_model.php Gallery Name XSS. The... |
| CVE-2024-28537 | 2024-03-18 | Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the... |
| CVE-2024-28547 | 2024-03-18 | Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the... |
| CVE-2024-28550 | 2024-03-18 | Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the... |
| CVE-2024-29151 | 2024-03-18 | Rocket.Chat.Audit through 5ad78e8 depends on filecachetools, which does not exist... |
| CVE-2024-29154 | 2024-03-18 | danielmiessler fabric through 1.3.0 allows installer/client/gui/static/js/index.js XSS because of innerHTML... |
| CVE-2018-25099 | 2024-03-18 | In the CryptX module before 0.062 for Perl, gcm_decrypt_verify() and... |
| CVE-2021-47156 | 2024-03-18 | The Net::IPAddress::Util module before 5.000 for Perl does not properly... |
| CVE-2022-47037 | 2024-03-18 | Siklu TG Terragraph devices before 2.1.1 allow attackers to discover... |
| CVE-2023-52159 | 2024-03-18 | A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x... |
| CVE-2024-24230 | 2024-03-18 | Komm.One CMS 10.4.2.14 has a Server-Side Template Injection (SSTI) vulnerability... |
| CVE-2024-25654 | 2024-03-18 | Insecure permissions for log files of AVSystem Unified Management Platform... |
| CVE-2024-28054 | 2024-03-18 | Amavis before 2.12.3 and 2.13.x before 2.13.1, in part because... |
| CVE-2024-29156 | 2024-03-18 | In OpenStack Murano through 16.0.0, when YAQL before 3.0.0 is... |