ReportizFlow
Filtered by vendor
Subscriptions
Total
707 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-34383 | 2024-11-21 | 5.3 Medium | ||
| Authorization Bypass Through User-Controlled Key vulnerability in The SEO Guys at SEOPress SEOPress.This issue affects SEOPress: from n/a through 7.7.1. | ||||
| CVE-2024-33818 | 2024-11-21 | N/A | ||
| Globitel KSA SpeechLog v8.1 was discovered to contain an Insecure Direct Object Reference (IDOR) via the userID parameter. | ||||
| CVE-2024-33668 | 1 Zammad | 1 Zammad | 2024-11-21 | 9.1 Critical |
| An issue was discovered in Zammad before 6.3.0. The Zammad Upload Cache uses insecure, partially guessable FormIDs to identify content. An attacker could try to brute force them to upload malicious content to article drafts they have no access to. | ||||
| CVE-2024-33542 | 2024-11-21 | 4.3 Medium | ||
| Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider.This issue affects Crelly Slider: from n/a through 1.4.5. | ||||
| CVE-2024-33383 | 1 Novel-plus | 1 Novel-plus | 2024-11-21 | 7.5 High |
| Arbitrary File Read vulnerability in novel-plus 4.3.0 and before allows a remote attacker to obtain sensitive information via a crafted GET request using the filePath parameter. | ||||
| CVE-2024-33373 | 2024-11-21 | 6.3 Medium | ||
| An issue in the LB-LINK BL-W1210M v2.0 router allows attackers to bypass password complexity requirements and set single digit passwords for authentication. This vulnerability can allow attackers to access the router via a brute-force attack. | ||||
| CVE-2024-32823 | 2024-11-21 | 5.3 Medium | ||
| Authorization Bypass Through User-Controlled Key vulnerability in FeedbackWP Rate my Post – WP Rating System.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.4. | ||||
| CVE-2024-32808 | 2024-11-21 | 5.4 Medium | ||
| Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9. | ||||
| CVE-2024-32772 | 2024-11-21 | 4.3 Medium | ||
| Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.9. | ||||
| CVE-2024-32683 | 1 Wpmet | 1 Wp Ultimate Review | 2024-11-21 | 5.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5. | ||||
| CVE-2024-32604 | 1 Wordpress | 1 Adserve | 2024-11-21 | 4.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5. | ||||
| CVE-2024-32166 | 1 Webidsupport | 1 Webid | 2024-11-21 | 8.8 High |
| Webid v1.2.1 suffers from an Insecure Direct Object Reference (IDOR) - Broken Access Control vulnerability, allowing attackers to buy now an auction that is suspended (horizontal privilege escalation). | ||||
| CVE-2024-31898 | 1 Ibm | 1 Infosphere Information Server | 2024-11-21 | 5.4 Medium |
| IBM InfoSphere Information Server 11.7 could allow an authenticated user to read or modify sensitive information by bypassing authentication using insecure direct object references. IBM X-Force ID: 288182. | ||||
| CVE-2024-31815 | 1 Totolink | 1 Ex200 Firmware | 2024-11-21 | 9.1 Critical |
| In TOTOLINK EX200 V4.0.3c.7314_B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSettings.sh | ||||
| CVE-2024-31296 | 2024-11-21 | 4.3 Medium | ||
| Authorization Bypass Through User-Controlled Key vulnerability in Repute Infosystems BookingPress.This issue affects BookingPress: from n/a through 1.0.81. | ||||
| CVE-2024-31291 | 2024-11-21 | 4.3 Medium | ||
| Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.6. | ||||
| CVE-2024-31095 | 2024-11-21 | 9.1 Critical | ||
| Authorization Bypass Through User-Controlled Key vulnerability in Ricard Torres Thumbs Rating.This issue affects Thumbs Rating: from n/a through 5.1.0. | ||||
| CVE-2024-30543 | 2024-11-21 | 6.5 Medium | ||
| Authorization Bypass Through User-Controlled Key vulnerability in UPQODE Whizz.This issue affects Whizzy: from n/a through 1.1.18. | ||||
| CVE-2024-30513 | 2024-11-21 | 6.5 Medium | ||
| Authorization Bypass Through User-Controlled Key vulnerability in Metagauss ProfileGrid.This issue affects ProfileGrid : from n/a through 5.7.2. | ||||
| CVE-2024-30507 | 2024-11-21 | 2.7 Low | ||
| Authorization Bypass Through User-Controlled Key vulnerability in Molongui.This issue affects Molongui: from n/a through 4.7.7. | ||||