CVE List - 2024 / July
Showing 1401 - 1500 of 3117 CVEs for July 2024 (Page 15 of 32)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-4977 | 2024-07-13 | Index WP MySQL For Speed < 1.4.18 - Admin+ Reflected XSS |
| CVE-2024-5002 | 2024-07-13 | User Submitted Posts < 20240516 - Admin+ Stored XSS |
| CVE-2024-5028 | 2024-07-13 | CM WordPress Search And Replace Plugin < 1.3.9 - Plugin Reset via CSRF |
| CVE-2024-5032 | 2024-07-13 | SULly < 4.3.1 - Reflected XSS |
| CVE-2024-5033 | 2024-07-13 | SULly < 4.3.1 - Admin+ Stored XSS via CSRF |
| CVE-2024-5034 | 2024-07-13 | SULly < 4.3.1 - Plugin Reset via CSRF |
| CVE-2024-5074 | 2024-07-13 | WP eMember < 10.6.6 - Reflected XSS |
| CVE-2024-5075 | 2024-07-13 | WP eMember < 10.6.6 - Reflected XSS |
| CVE-2024-5076 | 2024-07-13 | WP eMember < 10.6.6 - Bulk Delete via CSRF |
| CVE-2024-5077 | 2024-07-13 | WP eMember < 10.6.6 - Stored XSS in Blacklist via CSRF |
| CVE-2024-5079 | 2024-07-13 | WP eMember < 10.6.7 - Unauthenticated Stored XSS via Member Registration |
| CVE-2024-5080 | 2024-07-13 | WP eMember < 10.6.6 - Admin+ Arbitrary File Upload |
| CVE-2024-5151 | 2024-07-13 | SULly < 4.3.1 - Admin+ Stored XSS |
| CVE-2024-5167 | 2024-07-13 | CM Email Registration Blacklist and Whitelist < 1.4.9 - Add/Delete Emails via CSRF Add and delete any item from blacklist/whitelist |
| CVE-2024-5280 | 2024-07-13 | WP Affiliate Platform < 6.5.1 - POST Reflected XSS |
| CVE-2024-5281 | 2024-07-13 | WP Affiliate Platform < 6.5.1 - Reflected XSS via Affiliate Editing |
| CVE-2024-5282 | 2024-07-13 | WP Affiliate Platform < 6.5.1 - Reflected XSS via Registration Form |
| CVE-2024-5283 | 2024-07-13 | WP Affiliate Platform < 6.5.1 - Reflected XSS via Lead Editing |
| CVE-2024-5284 | 2024-07-13 | WP Affiliate Platform < 6.5.1 - Stored XSS via CSRF |
| CVE-2024-5286 | 2024-07-13 | WP Affiliate Platform < 6.5.1 - Reflected XSS via Banner Editing |
| CVE-2024-5287 | 2024-07-13 | WP Affiliate Platform < 6.5.1 - Profile Update via CSRF |
| CVE-2024-5442 | 2024-07-13 | NextGEN Gallery < 3.59.3 - Admin+ Stored XSS |
| CVE-2024-5450 | 2024-07-13 | Bug Library < 2.1.1 - Unauthenticated RCE |
| CVE-2024-5472 | 2024-07-13 | WP QuickLaTeX < 3.8.7 - Admin+ Stored XSS in Background Color field |
| CVE-2024-5575 | 2024-07-13 | Ditty < 3.1.43 - Author+ Stored XSS |
| CVE-2024-5627 | 2024-07-13 | WordPress Plugin Tournamatch < 4.6.1 - Subscriber+ Stored XSS |
| CVE-2024-5644 | 2024-07-13 | WordPress Plugin Tournamatch < 4.6.1 - Admin+ Stored XSS via Ladders |
| CVE-2024-5713 | 2024-07-13 | if-so < 1.8.0.4 - Reflected XSS |
| CVE-2024-5715 | 2024-07-13 | WP eMember < 10.6.7 - Reflected XSS via Member Edit |
| CVE-2024-5744 | 2024-07-13 | WP eMember < 10.6.7 - Reflected XSS |
| CVE-2024-6070 | 2024-07-13 | if-so < 1.8.0.4 - Admin+ Stored XSS |
| CVE-2024-6465 | 2024-07-13 | WP Links Page <= 4.9.5 - Missing Authorization to Authenticated (Subscriber+) Limited Image Update |
| CVE-2024-6728 | 2024-07-14 | itsourcecode Tailoring Management System typeedit.php sql injection |
| CVE-2024-6729 | 2024-07-14 | SourceCodester Kortex Lite Advocate Office Management System add_act.php sql injection |
| CVE-2024-6730 | 2024-07-14 | Nanjing Xingyuantu Technology SparkShop uploadFile unrestricted upload |
| CVE-2023-52885 | 2024-07-14 | SUNRPC: Fix UAF in svc_tcp_listen_data_ready() |
| CVE-2024-39734 | 2024-07-14 | IBM Datacap Navigator information disclosure |
| CVE-2024-39732 | 2024-07-14 | IBM Datacap Navigator information disclosure |
| CVE-2024-39733 | 2024-07-14 | IBM Datacap Navigator information disclosure |
| CVE-2024-6731 | 2024-07-14 | SourceCodester Student Study Center Desk Management System Master.php sql injection |
| CVE-2024-6732 | 2024-07-14 | SourceCodester Student Study Center Desk Management System Users.php sql injection |
| CVE-2024-6733 | 2024-07-14 | itsourcecode Tailoring Management System templateedit.php sql injection |
| CVE-2024-6734 | 2024-07-14 | itsourcecode Tailoring Management System templateadd.php sql injection |
| CVE-2024-31946 | 2024-07-15 | An issue was discovered in Stormshield Network Security (SNS) 3.7.0... |
| CVE-2024-36432 | 2024-07-15 | An arbitrary memory write vulnerability was discovered in Supermicro X11DPG-HGX2,... |
| CVE-2024-36433 | 2024-07-15 | An arbitrary memory write vulnerability was discovered in Supermicro X11DPH-T,... |
| CVE-2024-36434 | 2024-07-15 | An SMM callout vulnerability was discovered in Supermicro X11DPH-T, X11DPH-Tq,... |
| CVE-2024-36438 | 2024-07-15 | eLinkSmart Hidden Smart Cabinet Lock 2024-05-22 has Incorrect Access Control... |
| CVE-2024-37016 | 2024-07-15 | Mengshen Wireless Door Alarm M70 2024-05-24 allows Authentication Bypass via... |
| CVE-2024-37386 | 2024-07-15 | An issue was discovered in Stormshield Network Security (SNS) 4.0.0... |
| CVE-2024-40414 | 2024-07-15 | A vulnerability in /goform/SetNetControlList in the sub_656BC function in Tenda... |
| CVE-2024-40415 | 2024-07-15 | A vulnerability in /goform/SetStaticRouteCfg in the sub_519F4 function in Tenda... |
| CVE-2024-40416 | 2024-07-15 | A vulnerability in /goform/SetVirtualServerCfg in the sub_6320C function in Tenda... |
| CVE-2024-40524 | 2024-07-15 | Directory Traversal vulnerability in xmind2testcase v.1.5 allows a remote attacker... |
| CVE-2024-40553 | 2024-07-15 | Tmall_demo v2024.07.03 was discovered to contain an arbitrary file upload... |
| CVE-2024-40554 | 2024-07-15 | An access control issue in Tmall_demo v2024.07.03 allows attackers to... |
| CVE-2024-40555 | 2024-07-15 | Tmall_demo v2024.07.03 was discovered to contain an arbitrary file upload... |
| CVE-2024-40560 | 2024-07-15 | Tmall_demo before v2024.07.03 was discovered to contain a SQL injection... |
| CVE-2024-6735 | 2024-07-15 | itsourcecode Tailoring Management System setgeneral.php sql injection |
| CVE-2024-6345 | 2024-07-15 | Remote Code Execution in pypa/setuptools |
| CVE-2024-6736 | 2024-07-15 | SourceCodester Employee and Visitor Gate Pass Logging System view_employee.php sql injection |
| CVE-2024-39739 | 2024-07-15 | IBM Datacap Navigator server-side request forgery |
| CVE-2024-39737 | 2024-07-15 | IBM Datacap Navigator information disclosure |
| CVE-2024-39736 | 2024-07-15 | IBM Datacap Navigator HTTP HOST header injection |
| CVE-2024-39728 | 2024-07-15 | IBM Datacap Navigator cross-site scripting |
| CVE-2024-39731 | 2024-07-15 | IBM Datacap Navigator information disclosure |
| CVE-2024-39735 | 2024-07-15 | IBM Datacap Navigator cross-site scripting |
| CVE-2024-39729 | 2024-07-15 | IBM Datacap Navigator information disclosure |
| CVE-2024-39741 | 2024-07-15 | IBM Datacap Navigator directory traversal |
| CVE-2024-39740 | 2024-07-15 | IBM Datacap Navigator information disclosure |
| CVE-2024-6737 | 2024-07-15 | 2100 TECHNOLOGY Electronic Official Document Management System - Broken Access Control |
| CVE-2024-6738 | 2024-07-15 | WisdomGarden Tronclass - Broken Access Control |
| CVE-2024-6739 | 2024-07-15 | Openfind MailGates and MailAudit - Sensitive Cookie Without 'HttpOnly' Flag |
| CVE-2024-21513 | 2024-07-15 | Versions of the package langchain-experimental from 0.0.15 and before 0.0.21... |
| CVE-2024-6742 | 2024-07-15 | AguardNet Space Management System - Reflected Cross-Site Scripting |
| CVE-2024-5630 | 2024-07-15 | Insert or Embed Articulate Content into WordPress < 4.3000000024 - Author+ Arbitrary File Upload |
| CVE-2024-6072 | 2024-07-15 | WP eStore < 8.5.5 - Reflected XSS via $_SERVER['REQUEST_URI'] |
| CVE-2024-6073 | 2024-07-15 | WP eStore < 8.5.5 - Reflected XSS in Discount Editing |
| CVE-2024-6074 | 2024-07-15 | WP eStore < 8.5.5 - Reflected XSS in Customer Editing |
| CVE-2024-6075 | 2024-07-15 | WP eStore < 8.5.5 - Coupon Deletion via CSRF |
| CVE-2024-6076 | 2024-07-15 | WP eStore < 8.5.5 - Reflected XSS in Category Editing |
| CVE-2024-6289 | 2024-07-15 | WPS Hide Login < 1.9.16.4 - Hidden Login Page Disclosure |
| CVE-2024-6743 | 2024-07-15 | AguardNet Space Management System - SQL injection |
| CVE-2024-6744 | 2024-07-15 | The SMTP Listener of Secure Email Gateway from Cellopoint does... |
| CVE-2024-6540 | 2024-07-15 | Information exlosure in external interface |
| CVE-2024-23794 | 2024-07-15 | Agents are able to lock the ticket without the "Owner" permission |
| CVE-2023-41916 | 2024-07-15 | Apache Linkis DataSource: DatasourceManager module has a JDBC parameter judgment logic vulnerability that allows for arbitrary file reading |
| CVE-2023-46801 | 2024-07-15 | Apache Linkis DataSource: DataSource Remote code execution vulnerability |
| CVE-2023-49566 | 2024-07-15 | Apache Linkis DataSource: JDBC Datasource Module with DB2 has JNDI Injection vulnerability |
| CVE-2024-6740 | 2024-07-15 | Openfind Mail2000 - Stored XSS |
| CVE-2024-6741 | 2024-07-15 | Openfind Mail2000 - HttpOnly flag bypass |
| CVE-2024-32945 | 2024-07-15 | LaTeX post content manipulation via renderer state leak across contexts |
| CVE-2024-39767 | 2024-07-15 | Spoofed push notifications from malicious server |
| CVE-2024-41007 | 2024-07-15 | tcp: avoid too many retransmit packets |
| CVE-2024-6398 | 2024-07-15 | An information disclosure vulnerability in SWG in versions 12.x prior... |
| CVE-2024-6745 | 2024-07-15 | code-projects Simple Ticket Booking Login adminauthenticate.php sql injection |
| CVE-2024-5402 | 2024-07-15 | Mint Workbench I Unquoted Service Path Enumeration |
| CVE-2024-6746 | 2024-07-15 | NaiboWang EasySpider HTTP GET Request server.js path traversal |
| CVE-2024-6689 | 2024-07-15 | Local privilege escalation vulnerability in baramundi Management Agent via MSI Installer |
| CVE-2024-36455 | 2024-07-15 | Symantec Privileged Access Manager Remote Command Execution vulnerability |