Skip to main content
CVE-2024-5926 CRITICAL POC Act Now

A path traversal vulnerability in the get-project-files functionality of stitionai/devika allows attackers to read arbitrary files from the filesystem and cause a Denial of Service (DoS). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Denial Of Service Devika
NVD
CVSS 3.0
9.1
EPSS
0.9%
CVE-2024-6418 MEDIUM POC This Month

A vulnerability classified as critical has been found in SourceCodester Medicine Tracker System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Medicine Tracker System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2024-5062 MEDIUM POC PATCH This Month

A reflected Cross-Site Scripting (XSS) vulnerability was identified in zenml-io/zenml version 0.57.1. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Zenml
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-6417 MEDIUM POC This Month

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Simple Online Bidding System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-6416 MEDIUM POC This Month

A vulnerability was found in SeaCMS 12.9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Seacms
NVD VulDB
CVSS 4.0
5.3
EPSS
0.5%
CVE-2024-31902 HIGH This Week

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM CSRF Infosphere Information Server
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2024-6414 MEDIUM This Month

A vulnerability classified as problematic has been found in Parsec Automation TrakSYS 11.x.x. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2024-28798 MEDIUM This Month

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM XSS Infosphere Information Server
NVD
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-28794 MEDIUM This Month

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Infosphere Information Server
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-31898 MEDIUM This Month

IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM Infosphere Information Server
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-28797 MEDIUM This Month

IBM InfoSphere Information Server 11.7 is vulnerable stored to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Infosphere Information Server
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-28795 MEDIUM This Month

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM XSS Infosphere Information Server
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-35119 MEDIUM This Month

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Infosphere Information Server
NVD
CVSS 3.1
5.3
EPSS
0.4%
CVE-2024-6415 MEDIUM This Month

A vulnerability classified as problematic was found in Ingenico Estate Manager 2023. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 4.0
5.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy