Skip to main content
CVE-2024-1020 MEDIUM POC This Month

A vulnerability classified as problematic was found in Rebuild up to 3.5.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Rebuild
NVD VulDB
CVSS 3.1
6.1
EPSS
0.6%
CVE-2024-24136 MEDIUM POC This Month

The 'Your Name' field in the Submit Score section of Sourcecodester Math Game with Leaderboard v1.0 is vulnerable to Cross-Site Scripting (XSS) attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Math Game
NVD GitHub
CVSS 3.1
6.1
EPSS
0.6%
CVE-2024-1018 MEDIUM POC This Month

A vulnerability classified as problematic has been found in PbootCMS 3.2.5-20230421. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Pbootcms
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.5%
CVE-2024-24135 MEDIUM POC This Month

Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Product Inventory With Export To Excel
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
CVE-2024-23826 MEDIUM POC PATCH This Month

spbu_se_site is the website of the Department of System Programming of St. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Microsoft Spbu Se Site
NVD GitHub
CVSS 3.1
5.7
EPSS
0.4%
CVE-2024-23441 MEDIUM POC This Month

Vba32 Antivirus v3.36.0 is vulnerable to a Denial of Service vulnerability by triggering the 0x2220A7 IOCTL code of the Vba32m64.sys driver. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Null Pointer Dereference Vba32
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-1010 MEDIUM POC This Month

A vulnerability classified as problematic has been found in SourceCodester Employee Management System 1.0. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Employee Management System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.6%
CVE-2024-22559 MEDIUM POC This Month

LightCMS v2.0 is vulnerable to Cross Site Scripting (XSS) in the Content Management - Articles field. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Lightcms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-1022 MEDIUM POC This Month

A vulnerability, which was classified as problematic, was found in CodeAstro Simple Student Result Management System 5.6. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Simple Student Result Management System
NVD VulDB
CVSS 3.1
4.8
EPSS
0.5%
CVE-2024-24134 MEDIUM POC This Month

Sourcecodester Online Food Menu 1.0 is vulnerable to Cross Site Scripting (XSS) via the 'Menu Name' and 'Description' fields in the Update Menu section. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Online Food Menu
NVD GitHub
CVSS 3.1
4.8
EPSS
0.7%
CVE-2024-0788 MEDIUM This Month

SUPERAntiSpyware Pro X v10.0.1260 is vulnerable to kernel-level API parameters manipulation and Denial of Service vulnerabilities by triggering the 0x9C402140 IOCTL code of the saskutil64.sys driver. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Superantispyware
NVD
CVSS 3.1
6.6
EPSS
0.2%
CVE-2024-23792 MEDIUM This Month

When adding attachments to ticket comments, another user can add attachments as well impersonating the orginal user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Otrs
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-0212 MEDIUM This Month

The Cloudflare Wordpress plugin was found to be vulnerable to improper authentication. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress Cloudflare
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-22570 MEDIUM This Month

A stored cross-site scripting (XSS) vulnerability in /install.php?m=install&c=index&a=step3 of GreenCMS v2.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Greencms
NVD GitHub
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-1006 MEDIUM This Month

A vulnerability was found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as critical.php of the component Cookie Handler. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass PHP Noderp
NVD VulDB
CVSS 3.1
5.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy