Skip to main content
CVE-2024-40614 CRITICAL PATCH Act Now

EGroupware before 23.1.20240624 mishandles an ORDER BY clause. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

SQLi PHP Egroupware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2024-6229 MEDIUM POC This Month

A stored cross-site scripting (XSS) vulnerability exists in the 'Upload Knowledge' feature of stangirard/quivr, affecting the latest version. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Quivr
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2024-40605 MEDIUM POC This Month

An issue was discovered in the Foreground skin for MediaWiki through 1.42.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mediawiki
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-40604 MEDIUM POC This Month

An issue was discovered in the Nimbus skin for MediaWiki through 1.42.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mediawiki
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-40600 MEDIUM POC This Month

An issue was discovered in the Metrolook skin for MediaWiki through 1.42.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mediawiki
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-40599 MEDIUM POC This Month

An issue was discovered in the GuMaxDD skin for MediaWiki through 1.42.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Mediawiki
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-6539 LOW POC Monitor

A vulnerability classified as problematic has been found in heyewei SpringBootCMS up to 2024-05-28. Affected is an unknown function of the file /guestbook of the component Guestbook Handler. The manipulation of the argument Content leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-270450 is the identifier assigned to this vulnerability.

XSS
NVD VulDB
CVSS 3.1
3.5
EPSS
0.1%
CVE-2024-40597 HIGH This Week

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Mediawiki
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2024-40601 MEDIUM This Month

An issue was discovered in the MediaWikiChat extension for MediaWiki through 1.42.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Mediawiki
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-40602 MEDIUM This Month

An issue was discovered in the Tempo skin for MediaWiki through 1.42.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Mediawiki
NVD
CVSS 3.1
4.8
EPSS
0.3%
CVE-2024-40603 MEDIUM This Month

An issue was discovered in the ArticleRatings extension for MediaWiki through 1.42.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Mediawiki
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-40598 MEDIUM This Month

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Mediawiki
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2024-40596 MEDIUM This Month

An issue was discovered in the CheckUser extension for MediaWiki through 1.42.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Mediawiki
NVD
CVSS 3.1
4.3
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy