Skip to main content

Alerts

20 Nov 2024

NA - CVE-2024-48899 - A vulnerability was found in Moodle. Additional...

A vulnerability was found in Moodle. Additional checks are required to ensure users can only fetch the list of course badges for courses that they are intended to have access to.
security-database.com
Read more
20 Nov 2024

Medium - CVE-2024-10520 - The WP Project Manager plugin for WordPress is...

The WP Project Manager plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check in the 'check' method of the 'Create_Milestone',...
security-database.com
Read more
20 Nov 2024

Medium - CVE-2024-11404 - Unrestricted Upload of File with Dangerous...

Unrestricted Upload of File with Dangerous Type, Improper Input Validation, Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in django CMS Association...
security-database.com
Read more
20 Nov 2024

Medium - CVE-2024-11406 - Improper Neutralization of Input During Web...

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in django CMS Association django CMS Attributes Fields allows Stored XSS.This...
security-database.com
Read more
20 Nov 2024

NA - CVE-2024-52437 - Missing Authentication for Critical Function...

Missing Authentication for Critical Function vulnerability in Saul Morales Pacheco Banner System allows Privilege Escalation.This issue affects Banner System: from n/a through 1.0.0.
security-database.com
Read more
20 Nov 2024

NA - CVE-2024-52438 - Missing Authentication for Critical Function...

Missing Authentication for Critical Function vulnerability in deco.Agency de:branding allows Privilege Escalation.This issue affects de:branding: from n/a through 1.0.2.
security-database.com
Read more
20 Nov 2024

NA - CVE-2024-52439 - Deserialization of Untrusted Data vulnerability...

Deserialization of Untrusted Data vulnerability in Mark O’Donnell Team Rosters allows Object Injection.This issue affects Team Rosters: from n/a through 4.6.
security-database.com
Read more
20 Nov 2024

NA - CVE-2024-52440 - Deserialization of Untrusted Data vulnerability...

Deserialization of Untrusted Data vulnerability in Bueno Labs Pvt. Ltd. Xpresslane Fast Checkout allows Object Injection.This issue affects Xpresslane Fast Checkout: from n/a through 1.0.0.
security-database.com
Read more
20 Nov 2024

NA - CVE-2024-52441 - Improperly Controlled Modification of Object...

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability in Rajesh Thanoch Quick Learn allows Object Injection.This issue affects Quick...
security-database.com
Read more
20 Nov 2024

NA - CVE-2024-52442 - Incorrect Privilege Assignment vulnerability in...

Incorrect Privilege Assignment vulnerability in Userplus UserPlus allows Privilege Escalation.This issue affects UserPlus: from n/a through 2.0.
security-database.com
Read more
Language