Total
3760 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-10410 | 2 Janobe, Sourcecodester | 2 Online Hotel Reservation System, Online Hotel Reservation System | 2024-10-29 | 6.3 Medium |
| A vulnerability classified as critical was found in SourceCodester Online Hotel Reservation System 1.0. Affected by this vulnerability is the function upload of the file /admin/mod_room/controller.php?action=add. The manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-10413 | 1 Janobe | 1 Online Hotel Reservation System | 2024-10-29 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in SourceCodester Online Hotel Reservation System 1.0. Affected by this issue is the function upload of the file /guest/update.php. The manipulation of the argument image leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-50494 | 1 Amin Omer | 1 Wc Sudan Payment Gateway | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Amin Omer Sudan Payment Gateway for WooCommerce allows Upload a Web Shell to a Web Server.This issue affects Sudan Payment Gateway for WooCommerce: from n/a through 1.2.2. | ||||
| CVE-2024-50493 | 1 Masterhomepage | 1 Automatic Translation | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in masterhomepage Automatic Translation allows Upload a Web Shell to a Web Server.This issue affects Automatic Translation: from n/a through 1.0.4. | ||||
| CVE-2024-50484 | 1 Mahlamusa | 1 Multi Purpose Mail Form | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in mahlamusa Multi Purpose Mail Form allows Upload a Web Shell to a Web Server.This issue affects Multi Purpose Mail Form: from n/a through 1.0.2. | ||||
| CVE-2024-50482 | 1 Chetan Khandla | 1 Woocommerce Product Design | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Chetan Khandla Woocommerce Product Design allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Product Design: from n/a through 1.0.0. | ||||
| CVE-2024-50473 | 1 Ajar Productions | 1 Ajar In5 Embed | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Ajar Productions Ajar in5 Embed allows Upload a Web Shell to a Web Server.This issue affects Ajar in5 Embed: from n/a through 3.1.3. | ||||
| CVE-2024-50420 | 1 Adirectory | 1 Adirectory | 2024-10-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in adirectory aDirectory allows Upload a Web Shell to a Web Server.This issue affects aDirectory: from n/a through 1.3. | ||||
| CVE-2024-50480 | 1 Azexo | 1 Marketing Automation By Azexo | 2024-10-29 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in azexo Marketing Automation by AZEXO allows Upload a Web Shell to a Web Server.This issue affects Marketing Automation by AZEXO: from n/a through 1.27.80. | ||||
| CVE-2024-50427 | 1 Devsoft Baltic | 1 Surveyjs | 2024-10-29 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Devsoft Baltic OĆ SurveyJS: Drag & Drop WordPress Form Builder.This issue affects SurveyJS: Drag & Drop WordPress Form Builder: from n/a through 1.9.136. | ||||
| CVE-2024-10420 | 1 Nurhodelta17 | 1 Attendance And Payroll System | 2024-10-29 | 6.3 Medium |
| A vulnerability classified as critical has been found in SourceCodester Attendance and Payroll System 1.0. This affects the function upload of the file /marimar/guest/update.php. The manipulation of the argument image leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-49653 | 1 James Egger | 1 Portfolleo | 2024-10-25 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in James Eggers Portfolleo portfolleo allows Upload a Web Shell to a Web Server.This issue affects Portfolleo: from n/a through 1.2. | ||||
| CVE-2024-49671 | 1 Postpix | 1 Ai Postpix | 2024-10-25 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Dogu Pekgoz AI Image Generator for Your Content & Featured Images ā AI Postpix allows Upload a Web Shell to a Web Server.This issue affects AI Image Generator for Your Content & Featured Images ā AI Postpix: from n/a through 1.1.8. | ||||
| CVE-2024-49668 | 1 Admin | 1 Verbalize | 2024-10-25 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Admin Verbalize WP Upload a Web Shell to a Web Server.This issue affects Verbalize WP: from n/a through 1.0. | ||||
| CVE-2024-49669 | 1 Alexander De Ridder | 1 Ink Official | 2024-10-25 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Alexander De Ridder INK Official allows Upload a Web Shell to a Web Server.This issue affects INK Official: from n/a through 4.1.2. | ||||
| CVE-2024-49658 | 1 Ecomerciar | 1 Woocommerce Custom Profile Picture | 2024-10-25 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Ecomerciar Woocommerce Custom Profile Picture allows Upload a Web Shell to a Web Server.This issue affects Woocommerce Custom Profile Picture: from n/a through 1.0. | ||||
| CVE-2024-49652 | 1 Reneecussack | 1 3d Work In Progress | 2024-10-25 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in ReneeCussack 3D Work In Progress allows Upload a Web Shell to a Web Server.This issue affects 3D Work In Progress: from n/a through 1.0.3. | ||||
| CVE-2024-49676 | 2024-10-25 | 6.6 Medium | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in Michael Bourne Custom Icons for Elementor allows Upload a Web Shell to a Web Server.This issue affects Custom Icons for Elementor: from n/a through 0.3.3. | ||||
| CVE-2024-49326 | 1 Vasiliskerasiotis | 1 Affiliator | 2024-10-24 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Vasilis Kerasiotis Affiliator allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through 2.1.3. | ||||
| CVE-2024-49324 | 1 Sovratec | 2 Case Management, Sovratec Case Management | 2024-10-24 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Sovratec Sovratec Case Management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Case Management: from n/a through 1.0.0. | ||||