Total
6071 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37198 | 1 Blazethemes | 1 Digital Newspaper | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in blazethemes Digital Newspaper.This issue affects Digital Newspaper: from n/a through 1.1.5. | |||||
| CVE-2024-37118 | 1 Uncannyowl | 1 Uncanny Automator | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Automator Pro.This issue affects Uncanny Automator Pro: from n/a through 5.3. | |||||
| CVE-2024-36670 | 2024-11-21 | N/A | 8.8 HIGH | ||
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=del | |||||
| CVE-2024-36669 | 1 Idccms Project | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=add. | |||||
| CVE-2024-36668 | 1 Idccms Project | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/type_deal.php?mudi=del | |||||
| CVE-2024-36667 | 1 Idccms Project | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/idcProType_deal.php?mudi=add&nohrefStr=close | |||||
| CVE-2024-36550 | 1 Idccms | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=add&nohrefStr=close | |||||
| CVE-2024-36549 | 1 Idccms | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms v1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/vpsCompany_deal.php?mudi=rev&nohrefStr=close | |||||
| CVE-2024-36548 | 1 Idccms | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via admin/vpsCompany_deal.php?mudi=del | |||||
| CVE-2024-36547 | 1 Idccms | 1 Idccms | 2024-11-21 | N/A | 8.8 HIGH |
| idccms V1.35 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component admin/vpsClass_deal.php?mudi=add | |||||
| CVE-2024-36452 | 2024-11-21 | N/A | 3.1 LOW | ||
| Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data within a system may be referred, a webpage may be altered, or a server may be permanently halted. | |||||
| CVE-2024-36255 | 2024-11-21 | N/A | 5.7 MEDIUM | ||
| Mattermost versions 9.5.x <= 9.5.3, 9.6.x <= 9.6.1 and 8.1.x <= 8.1.12 fail to perform proper input validation on post actions which allows an attacker to run a playbook checklist task command as another user via creating and sharing a deceptive post action that unexpectedly runs a slash command in some arbitrary channel. | |||||
| CVE-2024-36076 | 2024-11-21 | N/A | 8.8 HIGH | ||
| Cross-Site WebSocket Hijacking in SysReptor from version 2024.28 to version 2024.30 causes attackers to escalate privileges and obtain sensitive information when a logged-in SysReptor user visits a malicious same-site subdomain in the same browser session. | |||||
| CVE-2024-35773 | 2024-11-21 | N/A | 7.1 HIGH | ||
| Cross-Site Request Forgery (CSRF) vulnerability in WPJohnny, zerOneIT Comment Reply Email allows Cross-Site Scripting (XSS).This issue affects Comment Reply Email: from n/a through 1.3. | |||||
| CVE-2024-35772 | 1 Presscustomizr | 1 Hueman | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Hueman.This issue affects Hueman: from n/a through 3.7.24. | |||||
| CVE-2024-35771 | 1 Presscustomizr | 1 Customizr | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in presscustomizr Customizr.This issue affects Customizr: from n/a through 4.4.21. | |||||
| CVE-2024-35770 | 1 Davekiss | 1 Vimeography | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Dave Kiss Vimeography: Vimeo Video Gallery WordPress Plugin.This issue affects Vimeography: Vimeo Video Gallery WordPress Plugin: from n/a through 2.4.1. | |||||
| CVE-2024-35689 | 1 Analytify | 1 Analytify - Google Analytics Dashboard | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Analytify.This issue affects Analytify: from n/a through 5.2.3. | |||||
| CVE-2024-35684 | 1 10up | 1 Elasticpress | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in 10up ElasticPress.This issue affects ElasticPress: from n/a through 5.1.1. | |||||
| CVE-2024-35673 | 1 Purechat | 1 Pure Chat | 2024-11-21 | N/A | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Pure Chat by Ruby Pure Chat.This issue affects Pure Chat: from n/a through 2.22. | |||||