Month: March 2024

OneBlog cross-site scripting | CVE-2024-29472

March 22, 2024

NAME__________OneBlog cross-site scriptingPlatforms Affected:OneBlog OneBlog 2.3.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OneBlog is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

GeoServer cross-site scripting | CVE-2024-23819

March 22, 2024

NAME__________GeoServer cross-site scriptingPlatforms Affected:GeoServer GeoServer 2.4.0 GeoServer GeoServer 2.23.3Risk Level:4.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________GeoServer is vulnerable to cross-site scripting, caused by improper...

Axis Communications AB AXIS OS denial of service | CVE-2024-0055

March 22, 2024

NAME__________Axis Communications AB AXIS OS denial of servicePlatforms Affected:Axis Communications AB AXIS OS 11.8Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Axis Communications AB...

GeoServer cross-site scripting | CVE-2024-23818

March 22, 2024

NAME__________GeoServer cross-site scriptingPlatforms Affected:GeoServer GeoServer 2.4.0 GeoServer GeoServer 2.23.2Risk Level:4.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________GeoServer is vulnerable to cross-site scripting, caused by improper...

Broadcom, Microsoft and MikroTik products denial of service | CVE-2024-2169

March 22, 2024

NAME__________Broadcom, Microsoft and MikroTik products denial of servicePlatforms Affected:Broadcom DSL/PON/Wifi routers Microsoft Windows Deployment Services (WDS) MikroTik TFTP serviceRisk Level:7.5Exploitability:UnprovenConsequences:Denial...

Meta4HR cross-site scripting | CVE-2024-2633

March 22, 2024

NAME__________Meta4HR cross-site scriptingPlatforms Affected:Cegid Meta4 HR 819.001.022 Cegid Meta4 HR 819.001.021Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Meta4HR is vulnerable to cross-site scripting, caused...

Meta4HR cross-site scripting | CVE-2024-2634

March 22, 2024

GeoServer cross-site scripting | CVE-2024-23821

March 22, 2024

Python CPython denial of service | CVE-2024-0450

March 22, 2024

NAME__________Python CPython denial of servicePlatforms Affected:Python CPython 3.8.18 Python CPython 3.9.18 Python CPython 3.10.13 Python CPython 3.11.8 Python CPython 3.12.2Risk...

Meta4HR information disclosure | CVE-2024-2632

March 22, 2024

NAME__________Meta4HR information disclosurePlatforms Affected:Cegid Meta4 HR 819.001.022 Cegid Meta4 HR 819.001.021Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Meta4HR could allow a remote attacker to...

Complete E-Commerce Site file upload | CVE-2024-2754

March 22, 2024

NAME__________Complete E-Commerce Site file uploadPlatforms Affected:Sourcecodester Complete E-Commerce Site 1.0Risk Level:4.7Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Complete E-Commerce Site could allow a...

OneBlog cross-site scripting | CVE-2024-29470

March 22, 2024

OneBlog cross-site scripting | CVE-2024-29471

March 22, 2024

Apache Commons Configuration code execution | CVE-2024-29133

March 22, 2024

NAME__________Apache Commons Configuration code executionPlatforms Affected:Apache Software Foundation Apache Commons Configuration 2.0Risk Level:7.3Exploitability:UnprovenConsequences: DESCRIPTION__________Apache Commons Configuration could allow a remote...

IBM Storage Protect Plus Server improper access control | CVE-2023-47715

March 22, 2024

NAME__________IBM Storage Protect Plus Server improper access controlPlatforms Affected:IBM Storage Protect Plus Server 10.1.0 IBM Storage Protect Plus Server 10.1.16Risk...

Apache Commons Configuration code execution | CVE-2024-29131

March 22, 2024

NAME__________Apache Commons Configuration code executionPlatforms Affected:Apache Software Foundation Apache Commons Configuration 2.0Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Commons Configuration could allow a...

OneBlog cross-site scripting | CVE-2024-29473

March 22, 2024

IBM Storage Protect Plus Server information disclosure | CVE-2024-27277

March 22, 2024

NAME__________IBM Storage Protect Plus Server information disclosurePlatforms Affected:IBM Storage Protect Plus Server 10.1.0 IBM Storage Protect Plus Server 10.1.16Risk Level:6.2Exploitability:UnprovenConsequences:Obtain...

OneBlog cross-site scripting | CVE-2024-29474

March 22, 2024

Tenda AC10U buffer overflow | CVE-2024-2711

March 22, 2024

NAME__________Tenda AC10U buffer overflowPlatforms Affected:Tenda AC10U 15.03.06.48Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Tenda AC10U is vulnerable to a stack-based buffer overflow,...

Progress Telerik code execution | CVE-2024-1801

March 22, 2024

NAME__________Progress Telerik code executionPlatforms Affected:Progress Telerik Reporting 2024 Q1Risk Level:7.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Progress Telerik Reporting could allow a remote authenticated attacker...

Campcodes Online Beauty Parlor Management System SQL injection | CVE-2024-2667

March 22, 2024

NAME__________Campcodes Online Beauty Parlor Management System SQL injectionPlatforms Affected:Campcodes Complete Online Beauty Parlor Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Campcodes Online...

Tenda AC10U buffer overflow | CVE-2024-2764

March 22, 2024

Tenda AC10U buffer overflow | CVE-2024-2710

March 22, 2024

Month: March 2024

OneBlog cross-site scripting | CVE-2024-29472

GeoServer cross-site scripting | CVE-2024-23819

Axis Communications AB AXIS OS denial of service | CVE-2024-0055

GeoServer cross-site scripting | CVE-2024-23818

Broadcom, Microsoft and MikroTik products denial of service | CVE-2024-2169

Meta4HR cross-site scripting | CVE-2024-2633

Meta4HR cross-site scripting | CVE-2024-2634

GeoServer cross-site scripting | CVE-2024-23821

Python CPython denial of service | CVE-2024-0450

Meta4HR information disclosure | CVE-2024-2632

Complete E-Commerce Site file upload | CVE-2024-2754

OneBlog cross-site scripting | CVE-2024-29470

OneBlog cross-site scripting | CVE-2024-29471

Apache Commons Configuration code execution | CVE-2024-29133

IBM Storage Protect Plus Server improper access control | CVE-2023-47715

Apache Commons Configuration code execution | CVE-2024-29131

OneBlog cross-site scripting | CVE-2024-29473

IBM Storage Protect Plus Server information disclosure | CVE-2024-27277

OneBlog cross-site scripting | CVE-2024-29474

Tenda AC10U buffer overflow | CVE-2024-2711

Progress Telerik code execution | CVE-2024-1801

Campcodes Online Beauty Parlor Management System SQL injection | CVE-2024-2667

Tenda AC10U buffer overflow | CVE-2024-2764

Tenda AC10U buffer overflow | CVE-2024-2710

CVE Alert: CVE-2024-52867

CVE Alert: CVE-2020-25720

CVE Alert: CVE-2023-4639

CVE Alert: CVE-2023-1419

CVE Alert: CVE-2023-43091

You may have missed