NA - CVE-2024-6074 - The wp-cart-for-digital-products WordPress...
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which...
NA - CVE-2024-6075 - The wp-cart-for-digital-products WordPress...
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
NA - CVE-2024-6076 - The wp-cart-for-digital-products WordPress...
The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which...
NA - CVE-2024-6289 - The WPS Hide Login WordPress plugin before...
The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden...
Medium - CVE-2024-6742 - AguardNet Technology's Space Management...
AguardNet Technology's Space Management System does not properly filter user input, allowing remote attackers with regular privileges to inject JavaScript and perform Reflected Cross-site...
Critical - CVE-2024-6743 - AguardNet's Space Management System does...
AguardNet's Space Management System does not properly validate user input, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database...
Critical - CVE-2024-6744 - The SMTP Listener of Secure Email Gateway from...
The SMTP Listener of Secure Email Gateway from Cellopoint does not properly validate user input, leading to a Buffer Overflow vulnerability. An unauthenticated remote attacker can exploit this...
NA - CVE-2023-41916 -
In Apache Linkis =1.4.0, due to the lack of...
In Apache Linkis =1.4.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file...